I reviewed realmd 0.16.3-3 as checked into focal. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
realmd automates configuring kerberos, ldap, sssd, ipa, etc on the system,
and provides a dbus interface and command line tool.
- CVE History:
- one cve in our database, CVE-2015-2704, only open in trusty
- Build-Depends: debhelper,
intltool,
libglib2.0-dev,
libkrb5-dev,
libldap2-dev,
libpolkit-gobject-1-dev,
libsystemd-dev,
pkg-config,
python3:any,
xmlto,
xsltproc
- pre/post inst/rm scripts only automatically added sections
- no init scripts
- systemd unit is dbus activated
- no setuid binaries
- realm binary in PATH
- no sudo fragments
- polkit file allows anyone to discover realms, requires admin account to
join or part realms, or change local machine login policy
- no udev rules
- extensive tests run during the build
- no cron jobs
- clean build logs
- Spawns processes, given in a configuration file; looked safe
- Memory management is typical glib / freedesktop style, looked safe
- File IO
- I believe paths to files are constructed dynmically, stored in a
hashtable at runtime, it's a bit hard to follow
- logging looked careful
- Environment variables PATH, REALM_DEBUG, REALM_PERSIST, LOGNAME are used
where they make sense, seeemed to be handled well
- No privileged syscall use
- Does not itself do cryptography
- Use of temp files?
- only temp files are in test code
- Use of networking?
- very little networking itself, the use of unix sockets for internal
use, and use of a tcp socket for ldap, looked safe.
- No webkit
- Use of PolicyKit?
- provides a policykit backend, uses
polkit_authority_check_authorization_sync() with the flag requesting
user interaction
- cppcheck results look like false positives
- coverity not checked
- shellcheck not relevant
realmd is a typical freedesktop program written with glib -- it's
abstracted enough that it's a little difficult to follow and get the
overall flow of the program, but every individual line looks fine. Errors
are handled throughout, there's good comments where they help, etc.
It's not my favourite coding style but it is professionally developed and
looks up to task.
I also don't love the packagekit integration: packagekit upstream has
declared it's reached an end, and I'd rather someone configuring their
system for an environment have chosen their packages themselves.
However these aren't deal-breakers.
Security team ACK for promoting realmd to main.
Can someone double-check the function realm_samba_winbind_configure_async()?
I'm afraid the idmap uid, gid, ranges may not be appropriate on
debian/ubuntu systems.
Bug filed while reviewing:
https://gitlab.freedesktop.org/realmd/realmd/-/issues/27
** Changed in: realmd (Ubuntu)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
** Bug watch added: gitlab.freedesktop.org/realmd/realmd/-/issues #27
https://gitlab.freedesktop.org/realmd/realmd/-/issues/27
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2015-2704
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1868154
Title:
[MIR] realmd
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/realmd/+bug/1868154/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
