On 12/16/25 08:27, [email protected] wrote:
[...]

But this dbus/systemd thing is only meant as illustration; there are plenty
of other ways to (ab)use this; in particular, xwayland / recent Linux distros
have gutted the X11 cookie auth, only relying on "si:localuser" (i.e. on
SO_PEERCRED checks) for authentication.

This looks to me like the problem here is systemd and wayland offering abusable endpoints and distributions intentionally weakening security.

Gutting X11 cookie auth is *completely* *inexcusable* in a networked environment.  Could that itself qualify for a CVE on all distributions that do it?


-- Jacob
