Re: [orca-list] Speech Dispatcher 0.7 Beta -- Please help with testing

[Bill Cox <waywardgeek gmail com>]

I like the socket approach, but I guess your concern may be why Luke
was thinking of using dbus.  Still, a denial of service that requires
users already be logged into the machine is a far smaller security
hole.  Right now, a clever hacker could most likely find a way to
cause one of the less well maintained speech-dispatcher subsystems to
execute arbitrary code, remotely though a wide-open TCP port.  I think
a switch to file sockets is a sensible short-term fix.  One of my
favorite tricks to play on blind guys I'm supporting in Vinux is to
start talking to them through the speech-dispatcher TCP port.  If you
ever let me into a machine on your network, don't be surprised when
your machines running Orca start saying the strangest things!

Bill

On Tue, Apr 27, 2010 at 7:07 PM, Samuel Thibault
<samuel thibault ens-lyon org> wrote:
> trev saunders gmail com, le Tue 27 Apr 2010 14:30:39 -0400, a écrit :
> > THere is a rather large local security problem with your use of unix sockets.  It is very easy for a local 
> > hostile user to cause a denial of service, because you put the unix sockets in a world readable place with 
> > *very* predictable names.  They are so predictable because a the only thing that the attacker has to gues 
> > is the UID of the user, and because UID's for standard users start at 1000, and are assigned in order, the 
> > attacker would only have to create say 100 files, wich with a simple shell script is trivial.
>
> That's actually not really new, compared to the previous TCP/IP
> approach.
>
> The place (or port number) has to be well-known for applications to be
> able to connect to it anyway, so any security layer needs to be added
> after connection.
>
> Samuel
>
> --
> Ubuntu-accessibility mailing list
> Ubuntu-accessibility lists ubuntu com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-accessibility