Date: Wed, 26 Sep 2012 05:16:16 -0700
From: David Wolfskill <david@catwhisker.org>
To: moused86799 <mousedz23499@workoblue.33mail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: Vulnerability - moused dependency on dbus-daemon - how to get rid of DBUS?
Message-ID: <20120926121616.GA1645@albert.catwhisker.org>
In-Reply-To: <1348634420023-5746974.post@n5.nabble.com>
References: <1348634420023-5746974.post@n5.nabble.com>

On Tue, Sep 25, 2012 at 09:40:20PM -0700, moused86799 wrote:
> one way of attacking the OS
> 1.search the lists
> http://lists.freebsd.org/pipermail/freebsd-questions/2012-May/241042.html
> 2.)mouse intermittent works if problem with dbus-daemon
> 3.)analyze - dbus-daemon is a 'relatively unknown' and extra DEPENDENCY
> of moused

Errr... Perhaps in your configuration; perhaps also in (some) others'.

But moused is part of base FreeBSD, while dbus* is not. So it is
certainly possible to run moused without dbus-daemon.

But as a somewhat more constructive demonstration:

g1-227(10.0-C)[1] ps axwwl | egrep 'moused|dbus'
0 1461 1 0 20 0 10076 9840 select Ss - 0:00.10 /usr/sbin/moused -a 2.7 -p /dev/psm0 -t auto
1001 7579 1855 0 21 0 10148 9280 - RL+ 7 0:00.01 egrep moused|dbus
g1-227(10.0-C)[2]

That's from my laptop, running X. While I have dbus-1.4.14_4 &
dbus-glib-0.94 installed (as they are listed as dependencies for some
other ports I have installed), I decline to use them.

> 4.)set kern.securelevel=333
> 5.)interrupt control of moused
> root /usr/sbin/moused -F 200 -A 1.5.2.0 -a 0.7 -r high -V -p /dev/psm0 -t
> auto
> 6.)alt to port /dev/psm0 - not completed

Errr... Everything you're doing there already requires eUID 0 access, so
I'm not sure what your concern really is.

> so, how can anything dbus be ELIMINATED from the OS?

g1-227(10.0-C)[8] grep dbus /etc/rc.conf*
g1-227(10.0-C)[9]

> ...
> question: how can dbus or dbus-daemon be eliminated from the basic OS
> configuration for a developer workstation?

Well, I believe my laptop is configured in a way that meets the stated
criteria. (It has a local private mirror of the FreeBSD src, ports, &
doc SVN repositories, and I track stable/9 & head on it, daily.)

About the only point that comes to mind that I haven't already pointed
out is the addition of a stanza:

Section "ServerFlags"
        Option "AutoAddDevices" "False"
EndSection

to xorg.conf -- though there are other ways to accomplish that, as well
(IIRC).

Of course, I avoid these fancy "desktop environment" things; the window
manager I use descends rather directly from twm (and looks like it), but
it works for me (even though I know of only 2 other folks who I have
seen use it -- one of whom is my spouse).

Peace,
david
--
David H. Wolfskill david@catwhisker.org
Depriving a girl or boy of an opportunity for education is evil.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.