[PATCH] More lenient D-Bus policy

Johannes Berg johannes at sipsolutions.net
Sun May 25 06:29:32 EDT 2014


On Sun, 2014-05-25 at 11:10 +0100, Zeeshan Ali (Khattak) wrote:

> > Introspect seems fine, but signals and properties might contain private
> > data like wifi keys?
> 
> Thats a fair point. I see that the following interfaces don't have any
> private data so I'll provide a v2 of this patch with only granting
> access to them:
> 
> fi.w1.wpa_supplicant1
> fi.w1.wpa_supplicant1.Interface

I don't think that's true for .Interface - I believe you can retrieve
blobs which may contain private keys.

It would also stand to reason that to avoid breaking this in the future
something should be done in the *code* to mark things as safe for
anyone. Does DBus provide any mechanism where you could tag properties
in some way and enable permissions based on that, or would it require
another interface?

johannes



More information about the HostAP mailing list