projects / platform / upstream / dbus.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8874d3a) | patch
CVE-2014-7824: set fd rlimit to 64k for the system dbus-daemon
authorSimon McVittie <simon.mcvittie@collabora.co.uk>
Tue, 4 Nov 2014 14:41:54 +0000 (14:41 +0000)
committerSimon McVittie <simon.mcvittie@collabora.co.uk>
Thu, 6 Nov 2014 15:31:07 +0000 (15:31 +0000)
commit4e466446d27f1a3991c22307a47a81c9e93e530d
tree5e5b27972b0246ef93f9baab230cdfb042dba8e6tree | snapshot
parent8874d3a0c57c0cae97cbe426e3686936da53f649commit | diff
CVE-2014-7824: set fd rlimit to 64k for the system dbus-daemon

This ensures that our rlimit is actually high enough to avoid the
denial of service described in CVE-2014-3636 part A.
CVE-2014-7824 has been allocated for this incomplete fix.

Restore the original rlimit for activated services, to avoid
them getting undesired higher limits.

(Thanks to Alban Crequy for various adjustments which have been
included in this commit.)

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85105
Reviewed-by: Alban Crequy <alban.crequy@collabora.co.uk>
bus/activation.c diff | blob | history
bus/bus.c diff | blob | history
bus/bus.h diff | blob | history
dbus/dbus-sysdeps-util-unix.c diff | blob | history
dbus/dbus-sysdeps-util-win.c diff | blob | history
dbus/dbus-sysdeps.h diff | blob | history
Domain: System / IPC;