[OTR-dev] private messages on dbus

Dimitris Glynos dimitris at census-labs.com
Tue Dec 20 19:49:41 EST 2011


On 12/21/2011 01:11 AM, khc at hxbc.us wrote:
> On Tue, 20 Dec 2011 12:02:38 +0200, Dimitris Glynos wrote:
>> Hello all,
>>
>> I was wondering if pidgin could allow for certain chat types
>> to be flagged as private and not transmit these over dbus.
>> I don't know how much dbus is hardwired to pidgin (is it used
>> also for capturing the messages displayed on the pidgin GUI?)
>> but the fact that a local attacker can access OTR plaintext
>> from a dbus session monitor is quite unnerving.
> 
> a local attacker can already ptrace the pidgin process and do
> pretty much anything.

Yes, the word 'local' is used incorrectly in the original post.
Consider a remote attacker that exploits some app running
in the same desktop session as pidgin. It is trivial
to fork-exec a dbus session monitor from there and retrieve the
sensitive info.

Now, regarding ptrace, although it was generally possible in
the past to attach to processes of the same user, this has
been restricted somewhat in modern distros. Specifically,
distros like Ubuntu allow (non-root) ptrace only to
processes that are children of the ptrace-caller.

For more info on this, have a look here:
https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace_Protection

Hope this clarifies things a bit,

Dimitris
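
Added example, not part of the original post: a shell check for the ptrace restriction described in the message above. It assumes the restriction is the Yama LSM's `kernel.yama.ptrace_scope` sysctl (that name is not in the post), models the same-user attach decision for each scope value, and reports the live setting. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Assumption: the ptrace
# restriction is provided by the Yama LSM via kernel.yama.ptrace_scope.

# ptrace_attach_allowed SCOPE RELATION CAP
#   SCOPE     value of kernel.yama.ptrace_scope (0..3)
#   RELATION  "descendant" - target is a descendant of the tracer
#             "declared"   - target named the tracer via prctl(PR_SET_PTRACER)
#             "unrelated"  - neither (e.g. another app in the same session)
#   CAP       "cap" if the tracer holds CAP_SYS_PTRACE, otherwise "nocap"
# Tracer and target are assumed to run under the same UID, target dumpable.
ptrace_attach_allowed() {
    pa_scope=$1; pa_rel=$2; pa_cap=$3
    case "$pa_scope" in
        0)  echo allow ;;                      # classic same-UID rule
        1)  if [ "$pa_cap" = cap ] || [ "$pa_rel" != unrelated ]; then
                echo allow
            else
                echo deny                      # the case the post describes
            fi ;;
        2)  if [ "$pa_cap" = cap ]; then echo allow; else echo deny; fi ;;
        3)  echo deny ;;                       # attach disabled for everyone
        *)  echo unknown ;;
    esac
}

# current_ptrace_scope [FILE]: print the live setting, or "absent" when the
# sysctl file does not exist (Yama not enabled in this kernel).
current_ptrace_scope() {
    cs_file=${1:-/proc/sys/kernel/yama/ptrace_scope}
    if [ -r "$cs_file" ]; then
        cat "$cs_file"
    else
        echo absent
    fi
}

live=$(current_ptrace_scope)
if [ "$live" = absent ]; then
    echo "ptrace_scope not present: classic same-UID ptrace rules apply"
else
    verdict=$(ptrace_attach_allowed "$live" unrelated nocap)
    echo "ptrace_scope=$live: unprivileged attach to an unrelated same-user process -> $verdict"
fi
```

A "deny" verdict covers ptrace only; it says nothing about what other processes in the same session can read from the session bus, which is the concern raised in the message.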


