
Obstacles for kdbus


Posted Apr 18, 2015 11:09 UTC (Sat) by mathstuf (subscriber, #69389)
In reply to: Obstacles for kdbus by aigarius
Parent article: Obstacles for kdbus

> I mean - does the receiver even *need* to know the pid of the sender?

Yes. I'm implementing the SecretService API in keepassx and I'm locking it down so that access is based on a per-application basis (so a malicious app can't rummage around once it is open). Determining the binary is dependent on the executable pointed to by /process/PID/exe. I'd be grateful for better solutions, but that's the best I can do right now. I'm pretty sure it isn't subject to PID races since the reply won't be hooked up if it gets replaced (though exec could happen I suppose).



Obstacles for kdbus

Posted Apr 18, 2015 18:44 UTC (Sat) by nybble41 (subscriber, #55106)

> ... I'm locking it down so that access is based on a per-application basis.... Determining the binary is dependent on the executable pointed to by /process/PID/exe.

Unless you're doing something to prevent LD_PRELOAD and ptrace(), I'm not sure what you intend to accomplish by this. Even ignoring any potential PID race conditions, the code which is running and has access to the message bus is not determined solely by /proc/PID/exe.

Obstacles for kdbus

Posted Apr 18, 2015 19:11 UTC (Sat) by mathstuf (subscriber, #69389)

Currently, kwallet and gnome-keyring have a single "unlock" state at the collection level (though ISTR kwallet also gating based on the app, access was still global once permitted). Once, say, Firefox unlocks the store, any app can go in and query passwords. To me, it doesn't make sense to allow Firefox access to passwords intended for Pidgin or git, and vice versa (and they can even delete each other's passwords). As for the actual code running, yeah, something better would be nice, but it's more to minimize leaking if an application does have problems. It's already a pain to migrate dozens of accounts to a password store in the first place and I don't want to imagine trying to get back once malware starts targeting password stores (either by quietly siphoning, deleting, or modifying passwords in them) through the apps which communicate with them.
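An added example, not part of any comment above and not keepassx code: one way a service could map a sender PID to its executable through the proc filesystem while rejecting a PID that was recycled during the lookup. The function names, the sample PIDs and paths, and the temporary directory standing in for /proc are all constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

def read_starttime(proc_root, pid):
    """Field 22 of PID/stat: process start time in clock ticks since boot."""
    stat = (Path(proc_root) / str(pid) / "stat").read_text()
    # comm (field 2) may contain spaces or ')', so split after the last ')'.
    rest = stat[stat.rindex(")") + 2:].split()
    return int(rest[19])  # rest[0] is field 3, so field 22 is rest[19]

def peer_executable(pid, proc_root="/proc"):
    """Resolved exe path for pid, or None when the answer cannot be trusted."""
    exe_link = Path(proc_root) / str(pid) / "exe"
    try:
        before = read_starttime(proc_root, pid)
        exe = os.readlink(exe_link)
        after = read_starttime(proc_root, pid)
    except (OSError, ValueError, IndexError):
        return None  # process gone, unreadable, or malformed stat
    if before != after:
        return None  # PID was recycled between the reads
    if exe.endswith(" (deleted)"):
        return None  # file on disk no longer matches the running image
    # Not covered: starttime survives exec(), and LD_PRELOAD or ptrace() can
    # run other code inside an allowed binary (the caveats raised in the thread).
    return exe

def is_allowed(pid, allowed_paths, proc_root="/proc"):
    """Per-application gate: exact match of the resolved path against a list."""
    exe = peer_executable(pid, proc_root)
    return exe is not None and exe in allowed_paths

def build_sample_proc(root, pid, comm, starttime, exe):
    """Constructed stand-in for a /proc entry so the example runs anywhere."""
    d = Path(root) / str(pid)
    d.mkdir(parents=True)
    fields = ["S"] + ["0"] * 18 + [str(starttime)]
    (d / "stat").write_text(f"{pid} ({comm}) " + " ".join(fields) + "\n")
    os.symlink(exe, d / "exe")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_proc(root, 4242, "Web Content)", 987654, "/usr/bin/firefox")
        build_sample_proc(root, 4243, "client", 987700, "/opt/app/client (deleted)")
        allow = {"/usr/bin/firefox"}
        print(is_allowed(4242, allow, root), is_allowed(4243, allow, root))
```

The start-time comparison only narrows the PID-reuse window; it says nothing about which code is actually running inside an allowed executable.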


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
