1. 05 Jan, 2015 2 commits
  2. 23 Dec, 2014 1 commit
  3. 24 Nov, 2014 2 commits
  4. 22 Nov, 2014 2 commits
    • Simon McVittie's avatar
      Revert "config: change default auth_timeout to 5 seconds" · 02e1ddf9
      Simon McVittie authored
      This reverts commit 54d26df5.
      
      It appears this change may cause intermittent slow or failed boot,
      more commonly on slower/older machines, in at least Mageia and
      possibly also Debian. This would indicate that while the system
      is under load, system services are not completing authentication
      within 5 seconds.
      
      This change was not the main part of fixing CVE-2014-3639, but does
      help to mitigate that attack. As such, increasing this timeout makes
      the denial of service attack described by CVE-2014-3639 somewhat
      more effective: a local user connecting to the system bus repeatedly
      from many parallel processes can cause other users' attempts to
      connect to take longer.
      
      If your machine boots reliably with the shorter timeout, and
      resilience against local denial of service attacks is important
      to you, putting this in /etc/dbus-1/system-local.conf
      or a file matching /etc/dbus-1/system.d/*.conf can restore
      the lower limit:
      
          <busconfig>
            <limit name="auth_timeout">5000</limit>
          </busconfig>
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=86431
      02e1ddf9
    • Simon McVittie's avatar
      Log to syslog when auth_timeout drops an incomplete connection · 29c64424
      Simon McVittie authored
      This is a symptom of either a denial of service attack, or a
      serious performance problem. Either way, sysadmins should know.
      
      Bug: https://bugs.freedesktop.org/show_bug.cgi?id=86431
      29c64424
  5. 14 Nov, 2014 3 commits
  6. 10 Nov, 2014 2 commits
  7. 06 Nov, 2014 2 commits
  8. 16 Sep, 2014 1 commit
  9. 15 Sep, 2014 13 commits
  10. 12 Sep, 2014 2 commits
  11. 07 Sep, 2014 1 commit
  12. 05 Sep, 2014 1 commit
  13. 04 Sep, 2014 1 commit
  14. 02 Jul, 2014 1 commit
  15. 30 Jun, 2014 3 commits
  16. 11 Jun, 2014 2 commits
  17. 10 Jun, 2014 1 commit