Red Hat Bugzilla – Bug 177880
User crashes system dbus with red hat example
Last modified: 2013-03-05 22:44:38 EST
Description of problem:
The example provided for manipulating BIND (named) with dbus crashes the system
message bus. This is both a crash and an example of elevated privilege (users
should not have enough privileges to crash system daemons), hence severity
SECURITY. The socket used to contact the messagebus is world writeable, so
anyone with user privileges can potentially crash the bus.
Version-Release number of selected component (if applicable):
Happens every time on this machine.
Steps to Reproduce:
1. As an ordinary user run the command
dbus-send --system --type=method_call --print-reply --dest=com.redhat.named
This command is simplified from the example provided in README.DBUS with the
Fedora Core BIND 9.3.1 documentation, which has the same results.
System dbus-daemon crashes, if it is run with --nofork to capture errors, the
2879: assertion failed "table->key_type == DBUS_HASH_STRING" file "dbus-hash.c"
line 1269 function _dbus_hash_table_remove_string
dbus-daemon should not crash.
Created attachment 130385 [details]
Crash system dbus as a user.
Loosely based on
and changed in a misguided attempt by me to use the systembus. :-)
This report targets the FC3 or FC4 products, which have now been EOL'd.
Could you please check that it still applies to a current Fedora release, and
either update the target product or close it ?
I am the original reporter.
Seems to be fixed in Fedora 7 which I'm running here. So marking resolved
WORKSFORME. Please change this if there is a better resolution for bugs that are
now fixed but the fix isn't specifically known.