thermald: change the default dbus policy, make it more restrictive

Bug #1314527 reported by Colin Ian King on 2014-04-30
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
thermald (Ubuntu)
Medium
Colin Ian King
Trusty
Medium
Unassigned

Bug Description

org.freedesktop.thermald.conf default dbus policy should be more restrictive

===

SRU Justification:

[Impact]

With the current dbus policy one can terminate thermald using:

dbus-send --system --dest=org.freedesktop.thermald /org/freedesktop/thermald org.freedesktop.thermald.Terminate
thermald can be send dbus

..fortunately init respawns thermald, but the policy is not restrictive enough, only root should be able to do this.

Justification:

This fix restricts the default policy so only root can send dbus messages to thermald.

[Test Case]

How to reproduce:

dbus-send --system --dest=org.freedesktop.thermald /org/freedesktop/thermald org.freedesktop.thermald.Terminate
thermald can be send dbus

then use: dmesg and see that init has respawned thermald (which means it received the dbus message and handled it)

With the fix, the dbus-send message won't kill thermald and hence one won't see the re-spawn message in dmesg.

[Regression Potential]

Cannot think of any, low to none. Thermald is not a default install, it is a new packaging in Trusty and is currently op-in, so this change has minimal impact. Regression potential is that users won't be able to communicate to thermald via dbus-send, which is not the recommended way to shut down thermald anyhow.

Tested today on an AMD64 trusty install.

Changed in thermald (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Colin King (colin-king)
milestone: none → trusty-updates
Colin Ian King (colin-king) wrote :

Attached is a debdiff with the fix to set the dbus policy correctly.

summary: - thernald: change the default dbus policy, make it more restrictive
+ thermald: change the default dbus policy, make it more restrictive
Colin Ian King (colin-king) wrote :

Note that thermald is not a default install or start package.

Andy Whitcroft (apw) wrote :

@Colin -- If you get me a package made, I will review and sponsor it for you.

Andy Whitcroft (apw) wrote :

Ok uploaded to the queue -- thermald 1.1~rc2-11ubuntu0.1

Colin Ian King (colin-king) wrote :

SRU Justification:

[Impact]

With the current dbus policy one can terminate thermald using:

dbus-send --system --dest=org.freedesktop.thermald /org/freedesktop/thermald org.freedesktop.thermald.Terminate
thermald can be send dbus

..fortunately init respawns thermald, but the policy is not restrictive enough, only root should be able to do this.

Justification:

This fix restricts the default policy so only root can send dbus messages to thermald.

[Test Case]

How to reproduce:

dbus-send --system --dest=org.freedesktop.thermald /org/freedesktop/thermald org.freedesktop.thermald.Terminate
thermald can be send dbus

then use: dmesg and see that init has respawned thermald (which means it received the dbus message and handled it)

With the fix, the dbus-send message won't kill thermald and hence one won't see the re-spawn message in dmesg.

[Regression Potential]

Cannot think of any, low to none. Thermald is not a default install, it is a new packaging in Trusty and is currently op-in, so this change has minimal impact. Regression potential is that users won't be able to communicate to thermald via dbus-send, which is not the recommended way to shut down thermald anyhow.

Tested today on an AMD64 trusty install.

Andy Whitcroft (apw) on 2014-04-30
description: updated
Changed in thermald (Ubuntu Trusty):
milestone: none → trusty-updates
Changed in thermald (Ubuntu):
milestone: trusty-updates → none
Changed in thermald (Ubuntu Trusty):
status: New → In Progress
importance: Undecided → Medium

Hello Colin, or anyone else affected,

Accepted thermald into trusty-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/thermald/1.1~rc2-11ubuntu0.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in thermald (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thermald - 1.1~rc2-12

---------------
thermald (1.1~rc2-12) unstable; urgency=medium

  * Deny non root users to send system bus dbus messages (LP: #1314527)

 -- Colin King <email address hidden> Wed, 30 Apr 2014 09:30:21 +0100

Changed in thermald (Ubuntu):
status: In Progress → Fix Released
Colin Ian King (colin-king) wrote :

Tested thermald 1.1~rc2-11ubuntu0.1 on a clean install of Trusty and it fixes the issue.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package thermald - 1.1~rc2-11ubuntu0.1

---------------
thermald (1.1~rc2-11ubuntu0.1) trusty; urgency=medium

  * Deny non root users to send system bus dbus messages (LP: #1314527)
 -- Colin King <email address hidden> Wed, 30 Apr 2014 09:30:21 +0100

Changed in thermald (Ubuntu Trusty):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for thermald has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Hello Colin, or anyone else affected,

Accepted thermald into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/thermald/1.7.0-5ubuntu4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in thermald (Ubuntu Bionic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-bionic
removed: verification-done
Colin Ian King (colin-king) wrote :

The bionic SRU test message occurred because I accidentally uploaded the package with the entire old history. This bug has already been fixed and the verification for bionic can be ignored.

tags: removed: verification-needed verification-needed-bionic
Changed in thermald (Ubuntu Bionic):
status: Fix Committed → Fix Released
no longer affects: thermald (Ubuntu Bionic)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers