From f8eeb881ffd4c84af53d6360ee689f21b0b10597 Mon Sep 17 00:00:00 2001
From: "John (J5) Palmieri" <johnp@redhat.com>
Date: Tue, 26 Feb 2008 13:51:16 -0500
Subject: CVE-2008-0595 dbus security policy circumvention

* CVE-2008-0595 - security policy of the type <allow send_interface=
  "some.interface.WithMethods"/> work as an implicit allow for
  messages sent without an interface bypassing the default deny rules
  and potentially allowing restricted methods exported on the bus to be
  executed by unauthorized users.  This patch fixes the issue.
* bus/policy.c (bus_client_policy_check_can_send,
  bus_client_policy_check_can_receive): skip messages without an
  interface when evaluating an allow rule
---
 ChangeLog | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'ChangeLog')

diff --git a/ChangeLog b/ChangeLog
index d78dd1d6..4f6ee7c6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,15 @@
+2008-02-26  John (J5) Palmieri  <johnp@redhat.com>
+
+	* CVE-2008-0595 - security policy of the type <allow send_interface=
+	  "some.interface.WithMethods"/> work as an implicit allow for
+	  messages sent without an interface bypassing the default deny rules
+	  and potentially allowing restricted methods exported on the bus to be
+	  executed by unauthorized users.  This patch fixes the issue.
+	* bus/policy.c (bus_client_policy_check_can_send,
+	  bus_client_policy_check_can_receive): skip messages without an 
+	  interface when evaluating an allow rule, and thus pass it to the
+	  default deny rules
+
 2008-02-26  John (J5) Palmieri  <johnp@redhat.com>
 
 	* correctly unref connections without guids during shutdown
-- 
cgit