diff options
| author | Dan Williams <dcbw@redhat.com> | 2010-08-11 15:40:25 -0500 |
|---|---|---|
| committer | Dan Williams <dcbw@redhat.com> | 2010-08-11 16:01:33 -0500 |
| commit | 3af9938d176c5d50f8d76a541323fd1497578018 (patch) | |
| tree | c523a715a6121e970e06b1206c9f7dd7430d47fd | |
| parent | 8ba3410e1c8c1b13707231bba4fa0cc364f10647 (diff) | |
| download | NetworkManager-3af9938d176c5d50f8d76a541323fd1497578018.tar.gz | |
core: work around dbus-glib property access bug (CVE-2010-1172) (rh #585394)
More info:
https://bugzilla.redhat.com/show_bug.cgi?id=585394
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1172
dbus-glib was not properly enforcing the 'access' permissions on
object properties exported using its API. There were 2 specific bugs:
1) dbus-glib did not enforce the introspection read/write property
permissions, so if the GObject property definition allowed write
access (which is sometimes desirable), D-Bus clients could modify
that value even if the introspection said it was read-only
2) dbus-glib was not filtering out GObject properties that were
not listed in the introspection XML. Thus, if the GObject defined
more properties than were listed in the introspection XML (which is
also often useful, and NM uses this quite a bit) those properties
would also be exposed to D-Bus clients.
To fix this completely, you need to:
1) get dbus-glib master when the patch is commited, OR grab the
patch from https://bugzilla.redhat.com/show_bug.cgi?id=585394 and
build a new dbus-glib
2) rebuild NetworkManager against the new dbus-glib
| -rw-r--r-- | configure.ac | 6 | ||||
| -rw-r--r-- | src/NetworkManager.c | 16 | ||||
| -rw-r--r-- | src/NetworkManagerAP.c | 20 |
3 files changed, 29 insertions, 13 deletions
diff --git a/configure.ac b/configure.ac index 6deefc5b78..840abb701a 100644 --- a/configure.ac +++ b/configure.ac @@ -188,6 +188,12 @@ dnl Checks for libm - needed for pow() dnl LT_LIB_M +dnl +dnl Checks for new dbus-glib property access function +dnl +AC_CHECK_LIB([dbus-glib-1], [dbus_glib_global_set_disable_legacy_property_access], ac_have_dg_prop="1", ac_have_dg_prop="0") +AC_DEFINE_UNQUOTED(HAVE_DBUS_GLIB_DISABLE_LEGACY_PROP_ACCESS, $ac_have_dg_prop, [Define if you have a dbus-glib with dbus_glib_global_set_disable_legacy_property_access()]) + PKG_CHECK_MODULES(DBUS, dbus-1 >= 1.1 dbus-glib-1 >= 0.75) AC_SUBST(DBUS_CFLAGS) AC_SUBST(DBUS_LIBS) diff --git a/src/NetworkManager.c b/src/NetworkManager.c index aebce94457..2bb744038f 100644 --- a/src/NetworkManager.c +++ b/src/NetworkManager.c @@ -19,10 +19,7 @@ * Copyright (C) 2005 - 2008 Novell, Inc. */ -#ifdef HAVE_CONFIG_H -# include <config.h> -#endif - +#include <config.h> #include <glib.h> #include <dbus/dbus.h> #include <dbus/dbus-glib-lowlevel.h> @@ -488,6 +485,17 @@ main (int argc, char *argv[]) g_thread_init (NULL); dbus_g_thread_init (); +#ifndef HAVE_DBUS_GLIB_DISABLE_LEGACY_PROP_ACCESS +#error HAVE_DBUS_GLIB_DISABLE_LEGACY_PROP_ACCESS not defined +#endif + +#if HAVE_DBUS_GLIB_DISABLE_LEGACY_PROP_ACCESS + /* Ensure that non-exported properties don't leak out, and that the + * introspection 'access' permissions are respected. + */ + dbus_glib_global_set_disable_legacy_property_access (); +#endif + setup_signals (); nm_logging_setup (become_daemon); diff --git a/src/NetworkManagerAP.c b/src/NetworkManagerAP.c index 3c3042a1d3..53f5905167 100644 --- a/src/NetworkManagerAP.c +++ b/src/NetworkManagerAP.c @@ -152,6 +152,8 @@ set_property (GObject *object, guint prop_id, case PROP_STRENGTH: nm_ap_set_strength (ap, g_value_get_char (value)); break; + case PROP_HW_ADDRESS: + break; default: G_OBJECT_WARN_INVALID_PROPERTY_ID (object, prop_id, pspec); break; @@ -241,7 +243,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) NM_802_11_AP_FLAGS_NONE, NM_802_11_AP_FLAGS_PRIVACY, NM_802_11_AP_FLAGS_NONE, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_WPA_FLAGS, @@ -251,7 +253,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) NM_802_11_AP_SEC_NONE, all_sec_flags, NM_802_11_AP_SEC_NONE, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_RSN_FLAGS, @@ -261,7 +263,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) NM_802_11_AP_SEC_NONE, all_sec_flags, NM_802_11_AP_SEC_NONE, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_SSID, @@ -269,7 +271,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "SSID", "SSID", DBUS_TYPE_G_UCHAR_ARRAY, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_FREQUENCY, @@ -277,7 +279,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "Frequency", "Frequency", 0, 10000, 0, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_HW_ADDRESS, @@ -285,7 +287,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "MAC Address", "Hardware MAC address", NULL, - G_PARAM_READABLE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_MODE, @@ -293,7 +295,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "Mode", "Mode", NM_802_11_MODE_ADHOC, NM_802_11_MODE_INFRA, NM_802_11_MODE_INFRA, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_MAX_BITRATE, @@ -301,7 +303,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "Max Bitrate", "Max Bitrate", 0, G_MAXUINT16, 0, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); g_object_class_install_property (object_class, PROP_STRENGTH, @@ -309,7 +311,7 @@ nm_ap_class_init (NMAccessPointClass *ap_class) "Strength", "Strength", G_MININT8, G_MAXINT8, 0, - G_PARAM_READWRITE)); + G_PARAM_READWRITE | G_PARAM_CONSTRUCT_ONLY)); /* Signals */ signals[PROPERTIES_CHANGED] = |