Hello,

Sergey Bugaev, Mon, 30 Dec 2024 16:44:24 +0300, wrote:
> This feels like an opportunity to remind everyone that the SCM_CREDS
> implementation, which is shipped as a Debian downstream patch, doesn't
> actually verify the credentials. I have posted a more detailed
> description [0] back in Feb 2023, and still got no response. So: ping?
> 
> [0]: https://mail.gnu.org/archive/html/bug-hurd/2023-02/msg00054.html
> 
> I have also written a PoC exploit for this, which authenticates itself
> to the D-Bus daemon as UID 0, even though it's not.

Writing a PoC is not really useful; we know full well that the
patch is not complete (which is one of the reasons why it's not
upstream). Contributions to fix the issue are welcome.

Samuel