diff options
| author | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-12 11:10:58 +0100 |
|---|---|---|
| committer | Simon McVittie <simon.mcvittie@collabora.co.uk> | 2015-05-14 14:30:30 +0100 |
| commit | 084977cfe2cc232bc8b25fd7088a5a4f1a6a65d5 (patch) | |
| tree | 840e7903e754172ac8f2cdc2b4162a2cadd2817f /cmake | |
| parent | 954371eea2340d83ae28e4cc8a629e43811dc771 (diff) | |
Security hardening: force EXTERNAL auth in session.conf on Unix
DBUS_COOKIE_SHA1 is dependent on unguessable strings, i.e.
indirectly dependent on high-quality pseudo-random numbers
whereas EXTERNAL authentication (credentials-passing)
is mediated by the kernel and cannot be faked.
On Windows, EXTERNAL authentication is not available,
so we continue to use the hard-coded default (all
authentication mechanisms are tried).
Users of tcp: or nonce-tcp: on Unix will have to comment
this out, but they would have had to use a special
configuration anyway (to set the listening address),
and the tcp: and nonce-tcp: transports are inherently
insecure unless special steps are taken to have them
restricted to a VPN or SSH tunnelling.
Users of obscure Unix platforms (those that trigger
the warning "Socket credentials not supported on this Unix OS"
when compiling dbus-sysdeps-unix.c) might also have to
comment this out, or preferably provide a tested patch
to enable credentials-passing on that OS.
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=90414
Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>
Diffstat (limited to 'cmake')
| -rw-r--r-- | cmake/CMakeLists.txt | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/cmake/CMakeLists.txt b/cmake/CMakeLists.txt index 3de0606a..20a8334f 100644 --- a/cmake/CMakeLists.txt +++ b/cmake/CMakeLists.txt @@ -452,6 +452,7 @@ if (WIN32) # bus-test expects a non empty string set (DBUS_USER "Administrator") set (DBUS_TEST_USER "guest") + set (DBUS_SESSION_CONF_MAYBE_AUTH_EXTERNAL "<!--<auth>EXTERNAL</auth>-->") else (WIN32) set (DBUS_SESSION_BUS_LISTEN_ADDRESS "unix:tmpdir=${DBUS_SESSION_SOCKET_DIR}" CACHE STRING "session bus default listening address") set (DBUS_SESSION_BUS_CONNECT_ADDRESS "autolaunch:" CACHE STRING "session bus fallback address for clients") @@ -461,6 +462,9 @@ else (WIN32) set (DBUS_SESSION_CONFIG_FILE ${configdir}/session.conf) set (DBUS_USER "messagebus") set (DBUS_TEST_USER "nobody") + # For best security, assume that all non-Windows platforms can do + # credentials-passing. + set (DBUS_SESSION_CONF_MAYBE_AUTH_EXTERNAL "<auth>EXTERNAL</auth>") endif (WIN32) set (DBUS_DAEMON_NAME "dbus-daemon" CACHE STRING "The name of the dbus daemon executable") |