Bad owner of /dev/shm/qb-65059-65122-12-lJbC1D directory #369

Closed
radosroka opened this issue Nov 14, 2019 · 0 comments · Fixed by #381

radosroka commented Nov 14, 2019

Why is the owner group of the qb-65059-65122-12-lJbC1D set to rsroka when it should be root, as it is (correctly) in files inside that directory?

The USBGuard is setting this via qb_ipcs_connection_auth_set in Connection Accept fn.

```
qb_ipcs_connection_auth_set(conn, uid, 0, 0660);
```

```
[root@Axis shm]# ls
qb-65059-65122-12-lJbC1D
[root@Axis shm]# ls -la
total 0
drwxrwxrwt.  3 root   root     60 Nov 14 17:39 .
drwxr-xr-x. 23 root   root   4540 Nov 14 15:58 ..
drwxrwx---.  2 rsroka rsroka  160 Nov 14 15:36 qb-65059-65122-12-lJbC1D
[root@Axis shm]# ls -la qb-65059-65122-12-lJbC1D/
total 3120
drwxrwx---. 2 rsroka rsroka     160 Nov 14 15:36 .
drwxrwxrwt. 3 root   root        60 Nov 14 17:39 ..
-rw-rw----. 1 rsroka root   1052672 Nov 14 15:36 qb-event-usbguard-data
-rw-rw----. 1 rsroka root      8248 Nov 14 15:36 qb-event-usbguard-header
-rw-rw----. 1 rsroka root   1052672 Nov 14 15:36 qb-request-usbguard-data
-rw-rw----. 1 rsroka root      8252 Nov 14 15:36 qb-request-usbguard-header
-rw-rw----. 1 rsroka root   1052672 Nov 14 15:36 qb-response-usbguard-data
-rw-rw----. 1 rsroka root      8248 Nov 14 15:36 qb-response-usbguard-header
[root@Axis shm]# 
```

The USBGuard is running an IPC "server" as root, and usbguard-notifier or usbguard-applet-qt are running an IPC "client" under a standard user. This permission inconsistency results in extending daemon capabilities with DAC_OVERRIDE, which is not good at all.

@radosroka changed the title from "Bad owner of on /dev/shm/qb-65059-65122-12-lJbC1D directory" to "Bad owner of /dev/shm/qb-65059-65122-12-lJbC1D directory" on Nov 15, 2019
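
An added example, not part of the original issue or of the USBGuard or libqb code: a small audit that applies the plain owner/group/other rules to `qb-*` directories under `/dev/shm` and flags entries whose group is not the expected one, or that the root server can only reach with CAP_DAC_OVERRIDE. The helper names, the expected gid of 0 (taken from the `qb_ipcs_connection_auth_set` call quoted above) and the numeric uid/gid 1000 standing in for rsroka are assumptions.

```python
import os
import stat
from collections import namedtuple

Entry = namedtuple("Entry", "path uid gid mode is_dir")

def dac_allows(entry, uid, gids, want):
    """Owner/group/other check, i.e. what the kernel applies without CAP_DAC_OVERRIDE."""
    if uid == entry.uid:
        bits = (entry.mode >> 6) & 0o7
    elif entry.gid in gids:
        bits = (entry.mode >> 3) & 0o7
    else:
        bits = entry.mode & 0o7
    return (bits & want) == want

def audit(entries, server_uid=0, server_gids=(0,), expected_gid=0):
    """Report entries with an unexpected group or that the server cannot use via plain DAC."""
    findings = []
    for e in entries:
        if e.gid != expected_gid:
            findings.append((e.path, "group %d, expected %d" % (e.gid, expected_gid)))
        want = 0o7 if e.is_dir else 0o6  # rwx on the directory, rw on the ring-buffer files
        if not dac_allows(e, server_uid, server_gids, want):
            findings.append((e.path, "uid %d has no access without CAP_DAC_OVERRIDE" % server_uid))
    return findings

def to_entry(path):
    st = os.lstat(path)
    return Entry(path, st.st_uid, st.st_gid, stat.S_IMODE(st.st_mode), stat.S_ISDIR(st.st_mode))

def scan(shm_root="/dev/shm", prefix="qb-"):
    """Collect every qb-* directory under shm_root together with the files inside it."""
    entries = []
    for name in sorted(os.listdir(shm_root)):
        top = to_entry(os.path.join(shm_root, name))
        if name.startswith(prefix) and top.is_dir:
            entries.append(top)
            entries += [to_entry(os.path.join(top.path, c)) for c in sorted(os.listdir(top.path))]
    return entries

# Constructed sample mirroring the listing above; uid/gid 1000 is an assumed stand-in for rsroka.
SAMPLE = [
    Entry("qb-65059-65122-12-lJbC1D", 1000, 1000, 0o770, True),
    Entry("qb-65059-65122-12-lJbC1D/qb-request-usbguard-data", 1000, 0, 0o660, False),
]

if __name__ == "__main__":
    for path, problem in audit(SAMPLE):
        print(path, "->", problem)
```

On a live system, `audit(scan())` run as root checks the real directories; on the sample, only the directory is flagged, because the files already carry group root with mode 0660.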