Magic paths for service registration

Florian Weimer fweimer at
Mon Jun 10 08:10:17 UTC 2013

I'm investigating things beyond SUID/SGID which are related to trust 
transitions and visible in the file system, mainly due to the use of 
magic paths.  I'm aiming for a fairly general concept of "trust 
transition", and I include altering browser actions when clicking on a 
hyperlink as far as they are influenced by file type registrations.

Here's what I came up with so far.  I only include things that can 
somehow be hooked by packages, which rules out files such as 
/etc/inittdb and user crontabs.



D-Bus and polkit:


Launching daemons or other background processes:



/usr/lib/systemd/system plus other paths listed in systemd.unit(5).

*.desktop and *.protocol file registries:


(Or in general, *.desktop files with with an Exec= line.)

Networking services:


Browser plugins:


I'm not sure if anything related to shared-mime-info should appear in 
this list.  As far as I can tell, the MIME types by themselves are harmless.

On top of that, there are other things code can do to expose itself 
across trust boundaries (networking, creation of temporary files, etc.), 
but detecting that requires different approaches.

The overall idea here is to identify parts of Fedora which would benefit 
most from a closer look, without actually looking at all Fedora packages 

Florian Weimer / Red Hat Product Security Team

More information about the devel mailing list