Finding
The auth_attempted D-Bus signal broadcasts the biometric similarity score to any local listener. The daemon emitted an auth_attempted (AuthAttempted) signal whose payload included the raw cosine similarity score, and the bus policy did not deny signal reception in the default context — so any local user could dbus-monitor --system and read the score of every auth attempt.
Impact / attack scenario
The raw similarity score is a spoof-tuning oracle. An attacker iterating on a presentation attack (photo, mask, replay) can watch the exact score their attempt produced against the enrolled template and hill-climb toward the recognition threshold, dramatically shortening the search for a working spoof — all without any privilege, just by listening on the system bus. Legitimate consumers only need matched + user; the score should be dropped from the payload and signal reception denied by default to non-privileged callers.
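The hill-climb described above, as an added simulation that is not facelock's code: the enrolled template and each probe are modelled as embedding vectors, the matcher as cosine similarity against a fixed threshold, and the two attackers differ only in what the signal payload gives them. The dimension (128), threshold (0.65), query budget (20 000) and the xorshift PRNG are assumptions chosen to make the run reproducible offline.

```rust
// Added example (not facelock's code): why a leaked similarity score is a
// spoof-tuning oracle. DIM, THRESHOLD and BUDGET are assumed values.

const DIM: usize = 128;
const THRESHOLD: f64 = 0.65;
const BUDGET: usize = 20_000;

/// Tiny xorshift64 PRNG so the run is reproducible without external crates.
struct Rng(u64);

impl Rng {
    fn next_u64(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x << 13;
        x ^= x >> 7;
        x ^= x << 17;
        self.0 = x;
        x
    }
    /// Uniform in [-1, 1).
    fn next_f64(&mut self) -> f64 {
        (self.next_u64() >> 11) as f64 / (1u64 << 53) as f64 * 2.0 - 1.0
    }
}

/// A random unit-norm embedding (stands in for an enrolled face or a spoof).
fn random_unit(rng: &mut Rng) -> Vec<f64> {
    let v: Vec<f64> = (0..DIM).map(|_| rng.next_f64()).collect();
    let n = v.iter().map(|x| x * x).sum::<f64>().sqrt();
    v.into_iter().map(|x| x / n).collect()
}

fn cosine(a: &[f64], b: &[f64]) -> f64 {
    let dot: f64 = a.iter().zip(b).map(|(x, y)| x * y).sum();
    let na = a.iter().map(|x| x * x).sum::<f64>().sqrt();
    let nb = b.iter().map(|x| x * x).sum::<f64>().sqrt();
    dot / (na * nb)
}

/// Vulnerable daemon: the AuthAttempted payload carried (matched, raw score).
fn auth_leaky(template: &[f64], probe: &[f64]) -> (bool, f64) {
    let s = cosine(template, probe);
    (s >= THRESHOLD, s)
}

/// Hardened daemon: only the decision is observable on the bus.
fn auth_fixed(template: &[f64], probe: &[f64]) -> bool {
    cosine(template, probe) >= THRESHOLD
}

/// Attacker with the score oracle: coordinate-wise hill-climb. Each probe is
/// accepted only if the leaked score rose; the step halves when a full sweep
/// makes no progress. Returns the number of auth attempts until `matched`.
fn hill_climb(oracle: &dyn Fn(&[f64]) -> (bool, f64), start: &[f64]) -> Option<usize> {
    let mut probe = start.to_vec();
    let (matched, mut best) = oracle(&probe);
    let mut queries = 1;
    if matched {
        return Some(queries);
    }
    let mut step = 0.05;
    while queries < BUDGET {
        let mut progressed = false;
        for i in 0..probe.len() {
            for sign in [1.0, -1.0] {
                if queries >= BUDGET {
                    return None;
                }
                let old = probe[i];
                probe[i] = old + sign * step;
                let (m, s) = oracle(&probe);
                queries += 1;
                if m {
                    return Some(queries);
                }
                if s > best {
                    best = s; // keep the perturbation, it moved toward the template
                    progressed = true;
                    break;
                }
                probe[i] = old; // revert, the score did not improve
            }
        }
        if !progressed {
            step *= 0.5;
        }
    }
    None
}

/// Attacker with only the decision bit: no gradient to follow, so the best
/// generic strategy is independent random probes.
fn blind_search(oracle: &dyn Fn(&[f64]) -> bool, rng: &mut Rng) -> Option<usize> {
    for q in 1..=BUDGET {
        if oracle(&random_unit(rng)) {
            return Some(q);
        }
    }
    None
}

/// Runs both attackers against the same enrolled template and start probe.
/// Returns (attempts with leaked score, attempts with decision bit only).
pub fn run_comparison() -> (Option<usize>, Option<usize>) {
    let mut rng = Rng(0x9E37_79B9_7F4A_7C15);
    let template = random_unit(&mut rng);
    let start = random_unit(&mut rng);
    let with_score = hill_climb(&|p: &[f64]| auth_leaky(&template, p), &start);
    let without_score = blind_search(&|p: &[f64]| auth_fixed(&template, p), &mut rng);
    (with_score, without_score)
}

fn main() {
    let (with_score, without_score) = run_comparison();
    println!("score leaked:  accepted after {:?} attempts", with_score);
    println!("decision only: accepted after {:?} attempts (None = gave up)", without_score);
}
```

The hill-climb uses nothing the vulnerable signal did not broadcast (matched plus score), which is the point: with the score, a few sweeps over the embedding reach the threshold; with only the decision bit, random probes in 128 dimensions essentially never do.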
Where it lives
crates/facelock-cli/src/commands/daemon.rs — signal emit and declaration
dbus/org.facelock.Daemon.conf — bus policy (no default signal-receive deny)
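The shape the bus policy should take, as an added example rather than the project's actual dbus/org.facelock.Daemon.conf: the finding is the absence of a `receive_type="signal"` deny in the default context, so the example adds it and re-allows reception only for a privileged consumer. That the daemon owns the well-known name org.facelock.Daemon and that legitimate consumers run as root are assumptions; a `<policy group="...">` for a dedicated consumer group would work the same way.

```xml
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- Added example, not the project's file. Names and principals are assumed. -->
  <policy context="default">
    <deny own="org.facelock.Daemon"/>
    <allow send_destination="org.facelock.Daemon"/>
    <!-- The line the vulnerable policy lacked: without it, any connection that
         issues AddMatch receives the daemon's broadcast signals, including
         AuthAttempted. -->
    <deny receive_type="signal" receive_sender="org.facelock.Daemon"/>
  </policy>

  <!-- Per-user policies are applied after the default context, so this
       re-allows reception only for the assumed privileged consumer. -->
  <policy user="root">
    <allow own="org.facelock.Daemon"/>
    <allow receive_type="signal" receive_sender="org.facelock.Daemon"/>
  </policy>
</busconfig>
```

Two caveats a reviewer would want recorded. The policy is defence in depth, not the fix: the score must still be dropped from the payload, because any principal allowed to receive the signal would otherwise still see it. And the deny only covers the D-Bus transport; after the change, an unprivileged user subscribing with `dbus-monitor --system "type='signal',sender='org.facelock.Daemon'"` should no longer see AuthAttempted, which is the check to run before closing the finding.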
How it was found
Internal security review, July 2026 (Plan 06, signal-leak finding).