Ubuntu
location-service package

Ensure that TrustStorePermissionManager is not subject to PID races

Bug #1352978 reported by Thomas Voß on 2014-08-05

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	location-service (Ubuntu)	Confirmed	High	Thomas Voß

Bug Description

Based on sarnold's review comment https://code.launchpad.net/~thomas-voss/location-service/fix-1219164/+merge/228861/comments/556132, the TrustStorePermissionManager implementation should:

  (1.) Query pid*, uid*, apparmor* profile from dbus daemon
  (2.) Query agent
  (3.) Query pid, uid, apparmor and compare to pid*, uid*, apparmor*

Revision history for this message

Tyler Hicks (tyhicks) wrote on 2014-08-05:

Hi Thomas - I'm trying to understand this a little more.

In step #1, the TrustStorePermissionManager is querying the pid*, uid*, apparmor_profile* of what, exactly? The agent?

In step #2, how does it query the agent? Over D-Bus?

In step #3, what is being queried for the pid, uid, and apparmor_profile? Is it the dbus-daemon again?

Thanks!

Revision history for this message

Thomas Voß (thomas-voss) wrote on 2014-08-05:

Hi Tyler,

For (1.) pid, uid and apparmor-profile would be those of the application trying to access the trusted helper.
For (2.) yes, via dbus
For (3.) exactly, the dbus daemon is queried again.

Thomas Voß (thomas-voss) on 2014-08-19

affects:

location-service → location-service (Ubuntu)

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulocation-service package

Ensure that TrustStorePermissionManager is not subject to PID races

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
location-service package