
touch-packages team mailing list archive

[Bug 1340345] Re: please use exclusive pipe access for /dev/socket/micshm

 

Regarding the file permissions: since apps run in the user's session
under the user's UID, apps would have this access. Apps with the camera
policy group (a common policy group available to apps without
restriction) would then be able to access the socket. I'm not sure what
you mean by 'as a user by the same name'. Apps can fork and change their
exec line to fake being another app's executable. Can you elaborate?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to qtubuntu-camera in Ubuntu.
https://bugs.launchpad.net/bugs/1340345

Title:
  please use exclusive pipe access for /dev/socket/micshm

Status in “qtubuntu-camera” package in Ubuntu:
  Triaged

Bug description:
  13:28 < jdstrand> jhodapp: ok, so, unless there are implementation flaws (which are just bugs that we can fix later on), a malicious app with access to /android/micshm can't do anything to DoS the service or to record in the background, correct?
  13:29 < jhodapp> jdstrand: correct, because there technically would be a reader on the Android side always open, but it won't be doing any reads unless triggered by kicking off the recording process
  13:34 < jdstrand> jhodapp: could a malicious app in theory interfere with an app that is already recording?
  13:35 < jhodapp> jdstrand: in theory yes...I need to see if I could have the active reader/writer pair open the named pipe exclusively
  13:36 < jhodapp> jdstrand: so that only one writer is allowed
  13:49 < jdstrand> jhodapp: I think that would be a reasonable security improvement. I won't block adding the rule to policy though. pulseaudio itself isn't particularly great on this point aiui, and it too will need to be hardened
  13:49 < jhodapp> jdstrand: indeed...exclusive pipe access would actually be an improvement over how AudioFlinger does it...I'm pretty sure it's using an unprotected pipe
