There might be some truth to the joke that "Linux" is what the systemd operating system used to be called. Systemd is one of several system services that run in userspace and communicate via IPC. You could almost imagine it as a micro-kernel design, where most of the operating system is implemented as userspace processes. At the heart of it all is dbus-daemon, a "message bus" that is used for IPC between systemd and other system services, such as polkit, accountsservice, UDisks2, and aptd.
The D-Bus ecosystem enables unprivileged processes to communicate securely with privileged system services, often with polkit playing a key role in authorizing actions that require higher privileges. In this presentation, I will explain the basics of D-Bus and show how some of the system services, such as polkit and accountsservice, fit together. Some aspects of the architecture, particularly those relating to security, are quite subtle, so there are sometimes loopholes in the design that enable an unprivileged user to either cause a denial of service or escalate privileges. I will demo two such LPE vulnerabilities that I found during the past year.