[PATCH] More lenient D-Bus policy
Johannes Berg
johannes
Sun May 25 03:29:32 PDT 2014
On Sun, 2014-05-25 at 11:10 +0100, Zeeshan Ali (Khattak) wrote:
> > Introspect seems fine, but signals and properties might contain private
> > data like wifi keys?
>
> Thats a fair point. I see that the following interfaces don't have any
> private data so I'll provide a v2 of this patch with only granting
> access to them:
>
> fi.w1.wpa_supplicant1
> fi.w1.wpa_supplicant1.Interface
I don't think that's true for .Interface - I believe you can retrieve
blobs which may contain private keys.
It would also stand to reason that to avoid breaking this in the future
something should be done in the *code* to mark things as safe for
anyone. Does DBus provide any mechanism where you could tag properties
in some way and enable permissions based on that, or would it require
another interface?
johannes
More information about the Hostap
mailing list