On Mon, Nov 01, 2021 at 12:00:30PM +0100, Landry Breuil wrote: > Le Sun, Oct 31, 2021 at 10:47:36PM +0100, Landry Breuil a écrit : > <snip> > > > > > > ** (xfce4-screensaver-dialog:72106): ERROR **: 21:36:25.353: Failed > > > > > > to > > > > > > connect to xfconf daemon: Cannot spawn a message bus when setuid. > > > > > > > > > > > > I don't know much about xfconf / dbus / setuid applications > > > > > > interactions, but this doesn't look like something related to > > > > > > changes > > > > > > in base. > > > > > > > > > > Well... iirc, nothing changed between xfconf and xfce4-screensaver > > > > > since > > > > > months ... ? changes in credentials passing over sockets ? > > > > > > > > The error messages comes from libgio-2.0.so.4200.14 part of glib2. > > > > > > https://gitlab.xfce.org/apps/xfce4-screensaver/-/issues/96 > > > > well, good catch. i'll come up with something adapted from > > https://gitlab.alpinelinux.org/alpine/aports/-/commit/ee7f451b3a1b1bdcf1de4303369a0b8a152f4d73 > > for bsdauth. I guess that's a regression from glib 2.70 update then, and > > mate-screensaver might be affected by the same issue as they share the > > same ancestor. > > That still strange because xfce4-screensaver-dialog has code for > bsdauth, but if i try setting the binary setgid auth instead of setuid > root, and remove the setgroups() call, glib will still complain the > same, even if not setuid anymore..
But it's setgid, and while the error message only refers to setuid, the glib commit makes it clear it's any kind of elevated privileges that make it refuse to connect. > > Havent looked at mate-screensaver, but the below diff adapted from above > seems to work in my limited testing (eg xfce4-screensaver --debug, and > xflock4 in another term). The problem I see with this approach is that it provides a tool that make it possible to do brute-force password checking. I think that a solution where main screensaver process keeps the setgid auth bit, forks a privileged child to do the password check and revokes it's setgid privilege is better. But I'd like hear other people on this (millert@, kn@,...) But whether glib will properly recognise that the process doesn't have privileges anymore is an open question before someone has looked at the code or tried it. -- Matthieu Herrb
