| Summary: | max_incomplete_connections: disconnect random unauthenticated connection? | ||
|---|---|---|---|
| Product: | dbus | Reporter: | Alban Crequy <alban.crequy> |
| Component: | core | Assignee: | Havoc Pennington <hp> |
| Status: | RESOLVED WONTFIX | QA Contact: | |
| Severity: | normal | ||
| Priority: | medium | CC: | alban.crequy, smcv, thiago, walters |
| Version: | unspecified | ||
| Hardware: | Other | ||
| OS: | All | ||
| Whiteboard: | |||
| i915 platform: | i915 features: | ||
When Alban investigated this he realized that there was a denial of service vulnerability, Bug #80919. That bug was fixed in a different way in 1.8.8, and the algorithm suggested in the comment turned out not to help, so this is WONTFIX. |
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.
When max_incomplete_connections is reached, new connections fail and we disconnect the oldest unauthenticated connection. The code contains a "FIXME" explaining the risk with a suggestion of a better solution. We should investigate if we can do better than this. bus/connection.c:bus_connections_setup_connection(): > /* And we might also disconnect ourselves here, but again it > * only takes effect on return to main loop. > */ > if (connections->n_incomplete > > bus_context_get_max_incomplete_connections (connections->context)) > { > _dbus_verbose ("Number of incomplete connections exceeds max, dropping oldest one\n"); > > _dbus_assert (connections->incomplete != NULL); > /* Disconnect the oldest unauthenticated connection. FIXME > * would it be more secure to drop a *random* connection? This > * algorithm seems to mean that if someone can create new > * connections quickly enough, they can keep anyone else from > * completing authentication. But random may or may not really > * help with that, a more elaborate solution might be required. > */ > dbus_connection_close (connections->incomplete->data); > } Note: max_incomplete_connections is 64 by default (the system bus uses the default) and 10000 on the session bus.