May 2, 2008

D-Bus Spying

I found how to make dbus-monitor show me more than just signals on the system bus. The documentation in dbus-daemon(1) is very terse about that. This is probably insecure, although I don't know of an interesting exploit.
--- /etc/dbus-1/system.conf.orig        2008-05-02 17:08:03.000000000 +0200
+++ /etc/dbus-1/system.conf 2008-05-02 17:08:30.000000000 +0200
@@ -55,6 +55,9 @@
<allow send_requested_reply="true">
<allow receive_requested_reply="true">
</allow>
+ <policy context="mandatory">
+ <allow receive_interface="*" eavesdrop="true">
+ </policy>

<!-- Config files are placed here that among other things, punch
holes in the above policy for specific services. -->
Then you need to tell the daemon to reread the config:
# pkill -HUP -u messagebus
BTW I still haven't figured out how to monitor method_return. I guess receive_requested_reply="false" should do it but not sure how. Does anyone know?

No comments: