On Mon, Nov 01, 2021 at 12:15:01PM +0100, Matthieu Herrb wrote:
> On Mon, Nov 01, 2021 at 12:00:30PM +0100, Landry Breuil wrote:
> > On Sun, Oct 31, 2021 at 10:47:36PM +0100, Landry Breuil wrote:
> > <snip>
> > > > > > > ** (xfce4-screensaver-dialog:72106): ERROR **: 21:36:25.353:
> > > > > > > Failed to connect to xfconf daemon: Cannot spawn a message bus when setuid.
> > > > > > >
> > > > > > > I don't know much about xfconf / dbus / setuid applications
> > > > > > > interactions, but this doesn't look like something related to
> > > > > > > changes in base.
> > > > > >
> > > > > > Well... iirc, nothing changed between xfconf and xfce4-screensaver
> > > > > > since months ... ? changes in credentials passing over sockets ?
> > > > >
> > > > > The error message comes from libgio-2.0.so.4200.14 part of glib2.
> > > >
> > > > https://gitlab.xfce.org/apps/xfce4-screensaver/-/issues/96
> > >
> > > well, good catch. i'll come up with something adapted from
> > > https://gitlab.alpinelinux.org/alpine/aports/-/commit/ee7f451b3a1b1bdcf1de4303369a0b8a152f4d73
> > > for bsdauth. I guess that's a regression from glib 2.70 update then, and
> > > mate-screensaver might be affected by the same issue as they share the
> > > same ancestor.
> >
> > That's still strange because xfce4-screensaver-dialog has code for
> > bsdauth, but if i try setting the binary setgid auth instead of setuid
> > root, and remove the setgroups() call, glib will still complain the
> > same, even if not setuid anymore..
>
> But it's setgid, and while the error message only refers to setuid,
> the glib commit makes it clear it's any kind of elevated privileges that
> make it refuse to connect.

i've looked a bit and i haven't found the glib commit/MR that changed this
in 2.70... i've only found https://gitlab.gnome.org/GNOME/glib/-/issues/2316
which doesn't talk about gid.

> > Haven't looked at mate-screensaver, but the below diff adapted from above
> > seems to work in my limited testing (eg xfce4-screensaver --debug, and
> > xflock4 in another term).
>
> The problem I see with this approach is that it provides a tool that
> makes it possible to do brute-force password checking.
>
> I think that a solution where main screensaver process keeps the setgid
> auth bit, forks a privileged child to do the password check and
> revokes its setgid privilege is better. But I'd like to hear other
> people on this (millert@, kn@,...)

Well, i'm not going to be the one writing this code :)

> But whether glib will properly recognise that the process doesn't have
> privileges anymore is an open question before someone has looked at
> the code or tried it.

from looking at glib, it uses g_check_setuid:
https://gitlab.gnome.org/GNOME/glib/-/blob/main/gio/gdbusaddress.c#L1097
which is implemented here:
https://gitlab.gnome.org/GNOME/glib/-/blob/main/glib/gutils.c#L3013

Landry
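
The design suggested in the quoted reply (fork a checker that keeps the setgid auth privilege, then drop that privilege in the main process), as an added C sketch that is not code from this thread, xfce4-screensaver or glib. `verify_password`, `start_checker` and `try_password` are hypothetical names, the password comparison is a constructed stand-in for the real bsdauth call, and the failure delay and attempt cap are assumptions added to limit guessing.

```c
#define _GNU_SOURCE /* expose setregid() under strict -std= modes */
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed stand-in (assumption): a real checker would call the platform
 * auth API here, which is what needs the retained setgid auth privilege. */
static int verify_password(const char *pw) { return strcmp(pw, "constructed-secret") == 0; }

/* Child: still holds the elevated gid. Sends one verdict byte per attempt;
 * the delay after a failure and the hard cap limit password guessing. */
static void checker_loop(int fd, int max_attempts) {
    char buf[256];
    for (int i = 0; i < max_attempts; i++) {
        ssize_t n = recv(fd, buf, sizeof(buf) - 1, 0);
        if (n <= 0) break;
        buf[n] = '\0';
        char ok = (char)verify_password(buf);
        if (!ok) sleep(1);
        if (send(fd, &ok, 1, MSG_NOSIGNAL) != 1 || ok) break;
    }
    _exit(0);
}

/* Parent: fork the checker first, then set real and effective gid to the real
 * gid; POSIX setregid() then resets the saved gid too, so the UI process
 * cannot regain the privilege. Returns the parent's socket end or -1. */
int start_checker(int max_attempts) {
    int sv[2];
    gid_t gid = getgid();
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1) return -1;
    pid_t pid = fork();
    if (pid == -1) return -1;
    if (pid == 0) {
        close(sv[0]);
        checker_loop(sv[1], max_attempts); /* never returns */
    }
    close(sv[1]);
    if (setregid(gid, gid) == -1 || getegid() != gid) return -1;
    return sv[0];
}

/* Returns 1 = accepted, 0 = rejected, -1 = checker has exited. */
int try_password(int fd, const char *pw) {
    char ok = 0;
    if (send(fd, pw, strlen(pw), MSG_NOSIGNAL) <= 0) return -1;
    if (recv(fd, &ok, 1, 0) != 1) return -1;
    return ok;
}
```

Whether glib treats the parent as unprivileged after the drop is the question the thread leaves open; this sketch only shows the process split.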
