
Nasty Linux systemd root level security bug revealed and patched. If you're running most recent Linux distributions, you'll need to patch it now. zdnet.com/article/nasty-linux-


That's not the only reason this bug hid in plain sight for so long. Backhouse explained the security hole isn't triggered every time you run programs that can call it. Why? It turns out that polkit asks dbus-daemon for the UID [User ID] of the requesting process multiple times, on different codepaths. Most of those codepaths handle the error correctly, but one of them doesn't. If you kill the dbus-send command early, it's handled by one of the correct codepaths and the request is rejected. To trigger the vulnerable codepath, you have to disconnect at just the right moment. And because there are multiple processes involved, the timing of that "right moment" varies from one run to the next. That's why it usually takes a few tries for the exploit to succeed. I'd guess it's also the reason why the bug wasn't previously discovered.

@yogthos @stman

@stman @yogthos yeah, I'll be watching it reservedly. I instantly started reeling at the idea that we need to work around the security problems of other people holding our (personal) data. There is plenty to learn here, however. I am interested in her idea about centralizing policy in the software architecture.

I'll hold my response to your questions until I've studied this Polkit error and this video some more.

@stman
I'm trying to find a mapping from groups to operations on a unit circle

At the macro level, the abstract syntax tree is an edge node model, and that it can consistently be compiled into an FSM, which is a vertex model. There's a fundamental level at which both are closures, which is to say that there's a state and a process associated with that state such that achieving the state and invoking the process are functionally equivalent. At this *OP protection comes from fact that the FSM model targeted by the compiler is a declarative language that defines the semantics of the desired operations; imperative and functional aspects, like mapping symbols to memory locations, are irretrievably outside user space

At the lowest level, computation is performed on the unit circle. Low voltage and high voltage are semantically mapped to zero and one, which is possible in binary arithmetic because multiplication (xor) over the group [1,-1] is isomorphic to addition mod 2 over the group [0,1]. In classical computing, this is one dimensional. In quantum computing, introductory examples like Deutsch's algorithm are illustrated with a state machine implemented on the unit circle described by operations on a 2x2 matrix, while more complex examples operate on a 4x4 matrix. In either case, there are a finite number of transformations that can be performed, and these correspond to the notion of gates. Reasoning from lesser to greater, any operation that can be performed on a unit circle dimension one can be done in higher dimensions, so the immediate concern of designing an ISA that serves as a bidirectional map between the FSM description and the logic gates is enough for the moment (1/2)
@yogthos @theruran @vertigo

@stman
This is where constructor theory enters the picture. Although created to serve as a theory of computation capable of describing quantum computing, classical computing is by necessity part of the picture being described

Rather than the writing head and data tape of a Turing Machine, a constructor is, essentially, just the writing head. The tape, called the substrate, is all the state available. The nature of the system is that the constructor can only make state changes consistent with intrinsic properties of that substrate

On the user side of the substrate, the constructor can interact with any object for which it has reference and request any processing semantics available to it, but this is completely devoid of any mechanism to dereference a pointer or access concrete memory locations. Nor can the constructor change any other intrinsic property of the substrate, e.g. global name or the contents described by a surface reference
(2/2)
@yogthos @theruran @vertigo

@yogthos wait, this is about the Polkit bug, not about systemd, right?

That post's title was very misleading...
