Hottest Free Downloads - DownloadPipe.com Over 197,000 downloads! Bookmark Now!
DownloadPipe.com - New Downloads Every Minute
 SEARCH:
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Bug#510636: libosso: Has a dbus config file which circumve..

  
   Linux (Home) -> Bugs RC RSS
Next:  Bug#510585: CVE-2008-5718: arbitrary command exec..  
Author Message
Matthew Johnson

External


Since: Dec 05, 2007
Posts: 109



(Msg. 1) Posted: Sun Jan 04, 2009 12:00 am
Post subject: Bug#510636: libosso: Has a dbus config file which circumvents all security messages on the system bus
Archived from groups: linux>debian>bugs>rc (more info?)
Package: libosso
Version: 2.15.debian.1-1
Severity: grave
Tags: security

libosso1 ships /etc/dbus-1/system.d/libosso.conf which turns off all the
security checks on the system bus by allowing all messages from everyone
to everyone else. This is bad mkay?

-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-4-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-Cool
Shell: /bin/sh linked to /bin/dash



--
To UNSUBSCRIBE, email to debian-bugs-rc-REQUEST RemoveThis @lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster RemoveThis @lists.debian.org
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Bug#510709: smart-notifier: DBus configuration file doesn'.. - Package: smart-notifier Version: 0.28-1 Severity: serious Justification: blocks fix for CVE-2008-4311 smart-notifier should explicitly allow introspection in it's config file. It's recommended to use send_destination= to allow all messages of any type t...

Bug#497393: FTBFS OSError: [Errno 2] No such file or direc.. - Package: workrave Version: 1.9.0-3 Severity: serious Hi, http://buildd.debian.org/~jeroen/status/package.php?p=workrave&suite=unstable workrave is uninstallable in sid since the 14th of August. I think this is the third upload which FTB...

Bug#420578: exim4-config killed my email-addresses file - Package: exim4-config Version: 4.63-17 Severity: grave Hi, After the upgrade to etch, I found myself generating mails with the wrong headers. When I went to look why, I saw: % ls -l /etc/exim4/email-addresses* lrwxrwxrwx 1 root root 18 2007-04-15..

Bug#375542: xfe: Config file in /usr/lib and not preserved.. - Package: xfe Version: 0.88-2 Severity: serious Justification: Policy 10.7.2 and 10.7.3 /usr/lib/foxrc/Desktop is the system-wide configuration file for xfe and is currently not marked as a conffile. It can be overridden as needed by the user's..

Bug#375542: xfe: Config file in /usr/lib and not preserved.. - Hi Jose! What is the status of this bug? Is Mike's patch satisfactory? Do you perhaps need help of an NMU? -- Kind regards, +--------------------------------------------------------------------+ | Bas Zoetekouw | GPG key: 0644fab7 ...
       Linux (Home) -> Bugs RC All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Categories:
 Windows Forums
 Game Forums
  Linux Forums
 Mac Forums
 PDA Forums
 Mobile Forums
  Top  |  Store  |  RSS Feeds RSS  |  Data Feeds  |  Advertise  |  Submit  |  Bookmark  |  Newsletter  |  Contact