https://bugzilla.novell.com/show_bug.cgi?id=428963
User thoenig@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=428963#c65
--- Comment #65 from Timo Hoenig
Well - unless I'm mistaken we didn't commit the (frankly silly) <allow user="*" /> but we added the <allow user="root"/> - at least I hope we did.
Yes.
The latter allows *only* something that could easily happen anyway, and is inside the privilege envelope of the root account anyway. ie. if Root -really- wants to connect to a user's session bus, our advisory security can only stop him so far: he can just gdb to the session bus, tweak the setting & try again if necessary.
ie. AFAICS <allow user="root"/> adds -no- new security hole - beyond this: that applications running as root -might- get a malformed D-BUS message from the session-bus (ie. the user), and -might- then do something bad. Since the user clearly knows the root password anyway - this is something we have to just live with.
So - again; where is the security problem ? I really, really don't see it.
___I'm not discussing the security or policy issues.___ I've mentioned it before (c.f. comment #59). Anyway, I'm currently working on finding a fix for the root cause. First findings: As expected, we're hiding the real issue with the session bus patch. - y2cc-g runs as root (gnomsu via slab) - y2controlcenter-gnome accesses gconf -- fine. - it is accessing gconf keys (e.g. /desktop/gnome/applications/main-menu/upgrade_package_command) -- routed to the session owners gconf instance - bang Imagine you're doing this twice - First run starting from session owned by Alice - Second run starting from session owned by Bob Depending on $HOME/.gconf/* of Alice and Bob you'll get different results for the gconf key. Not really what I'd be expecting if I run something as root. Let me know if I'm missing something -- I'm still working on this by sense of duty -- not profession; unfamiliar fields for someone who's not an gconf/y2cc-g/g* expert. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.