bug-hurd
Re: [hurd-amd64] ibus test failures


From: Sergey Bugaev
Subject: Re: [hurd-amd64] ibus test failures
Date: Mon, 30 Dec 2024 16:44:24 +0300

Hello,

On Mon, Dec 30, 2024 at 3:36 AM Diego Nieto Cid <dnietoc@gmail.com> wrote:
>
> On Sun, Dec 29, 2024 at 11:33:47PM +0100, Samuel Thibault wrote:
> > Hello,
> >
> > Diego Nieto Cid, on Sun, 29 Dec 2024 22:14:40 +0000, wrote:
> > >     (ibus-daemon:17123): GLib-GIO-WARNING **: 20:49:29.230: Expected a credentials
> > >     struct of 84 bytes but got 88 bytes of data
> > >
> > > which I traced to the GIO function g_unix_credentials_message_deserialize (which
> > > can be seen here[1]).
> > > [1] https://gitlab.gnome.org/GNOME/glib/-/blob/main/gio/gunixcredentialsmessage.c?ref_type=heads#L115
> > >
> > > It seems to be some structure size issue on amd64 (i386 tests don't fail) regarding
> > > SCM_CREDS implementation.
> >
> > See the error test, it's about G_CREDENTIALS_NATIVE_SIZE, see its
> > definition:
> >
> > #define G_CREDENTIALS_NATIVE_SIZE (sizeof (struct cmsgcred))
> >
> > And the definition of struct cmsgcred in bits/socket.h

This feels like an opportunity to remind everyone that the SCM_CREDS
implementation, which is shipped as a Debian downstream patch, doesn't
actually verify the credentials. I have posted a more detailed
description [0] back in Feb 2023, and still got no response. So: ping?

[0]: https://mail.gnu.org/archive/html/bug-hurd/2023-02/msg00054.html

I have also written a PoC exploit for this, which authenticates itself
to the D-Bus daemon as UID 0, even though it's not.

Sergey


