[Bug 764063] New: cdemu-daemon: suse-dbus-unauthorized-service
https://bugzilla.novell.com/show_bug.cgi?id=764063 https://bugzilla.novell.com/show_bug.cgi?id=764063#c0 Summary: cdemu-daemon: suse-dbus-unauthorized-service Classification: openSUSE Product: openSUSE 12.2 Version: Factory Platform: All OS/Version: Linux Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jengelh@inai.de QAContact: qa-bugs@suse.de Found By: Beta-Customer Blocker: --- filesystem/cdemu-daemon is almost ready for submission to factory. cdemu-daemon.x86_64: E: suse-dbus-unauthorized-service (Badness: 10000) /usr/share/dbus-1/system-services/net.sf.cdemu.CDEMUD_Daemon.service cdemu-daemon.x86_64: E: suse-dbus-unauthorized-service (Badness: 10000) /etc/dbus-1/system.d/cdemud-dbus.conf The package installs a DBUS system service file. If the package is intended for inclusion in any SUSE product please open a bug report to request review of the service by the security team. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c1
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c2
Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c3
Ludwig Nussel
1. When run by root as a system daemon all users can load and unload images on that daemon instance. Naturally, this is discouraged by upstream.
Uhm, could you please not install the dbus autolaunch file then?
2. For session mode - the default -, each unprivileged user can start a daemon instance, provided he has access to /dev/vhba_ctl to obtain a set of virtual
Where do the permissions for that file come from? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c4
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c5
Jan Engelhardt
Uhm, could you please not install the dbus autolaunch file then?
Done.
Where do the permissions for that file come from?
Ideally by some ACL magic, but I have not figured that out yet. So currently, no permission is automatically given and it requires a manual chmod by root. So it should be rather safe :)
9 LOG_FILE=/tmp/cdemu-daemon.log
Changed to /var/log. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c6
--- Comment #6 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c7
Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c8
--- Comment #8 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c9
--- Comment #9 from Bernhard Wiedemann
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c10
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=764063
https://bugzilla.novell.com/show_bug.cgi?id=764063#c11
--- Comment #11 from Jan Engelhardt
participants (1)
-
bugzilla_noreply@novell.com