[Pkg-bluetooth-maintainers] Bug#510644: bluetooth.conf needs alterations for new D-Bus

Simon McVittie smcv at debian.org
Sun Jan 4 01:29:44 UTC 2009


Package: bluez-utils
Version: 3.36-2
Severity: serious
Justification: blocker for #503532 (CVE-2008-4311) and far-fetched security hole
Tags: fixed-upstream
User: pkg-utopia-maintainers at lists.alioth.debian.org
Usertags: CVE-2008-4311

bluez-utils installs a D-Bus system policy file intending to allow users
at the console to send BlueZ messages to hcid. However, it actually
allows users at the console to send messages to the object path '/' on
any service, slightly subverting access control for those other services.

Furthermore, it might be insufficient to allow everything that hcid intends to
allow; messages used to be allowed accidentally by a dbus-daemon bug, but
with the dbus-daemon changes targeted for lenny, they will be denied
unless explicitly allowed.

<http://git.kernel.org/?p=bluetooth/bluez.git;a=history;f=src/bluetooth.conf;h=c0476237;hb=fb333f1c>
shows the recent history of this file - the latest version,
<http://git.kernel.org/?p=bluetooth/bluez.git;a=blob;f=src/bluetooth.conf;hb=06637b08>,
appears to be appropriate.

Regards from the Cambridge BSP,
    Simon
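To make the policy mistake concrete, here is a constructed D-Bus system policy fragment of the kind the report describes, with the over-broad rule beside a narrowed one. It is an added illustration, not the contents of any bluez-utils or upstream revision (those are at the links above), and the well-known name org.bluez is assumed; a real file would carry only the narrowed at_console block, the two are shown together for comparison. Attributes inside one `<allow>` are ANDed, so a rule that names only a path matches that path on every destination.

```xml
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>

  <!-- Constructed illustration: the daemon is assumed to own the
       well-known name org.bluez, as hcid did. -->
  <policy user="root">
    <allow own="org.bluez"/>
    <allow send_destination="org.bluez"/>
  </policy>

  <!-- OVER-BROAD (the class of rule the report describes): the rule
       names only an object path, so it matches a message to '/' on
       ANY bus name, not just hcid. at_console rules are evaluated
       after every service's context="default" rules and the last
       matching rule wins, so this allow can override another
       service's own deny for its root object. -->
  <policy at_console="true">
    <allow send_path="/"/>
  </policy>

  <!-- NARROWED: qualify the rule with the destination name. Every
       path and interface on org.bluez stays reachable from the
       console, nothing else does. With the stricter dbus-daemon
       default policy, anything else hcid relies on has to be
       allowed explicitly in this file rather than by accident. -->
  <policy at_console="true">
    <allow send_destination="org.bluez"/>
  </policy>

  <policy context="default">
    <deny send_destination="org.bluez"/>
  </policy>

</busconfig>
```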