[Pkg-bluetooth-maintainers] Bug#510644: bluetooth.conf needs alterations for new D-Bus

Colin Walters walters at verbum.org
Wed Jan 7 12:26:31 PST 2009


On Wed, Jan 7, 2009 at 3:09 PM, Simon McVittie
<simon.mcvittie at collabora.co.uk> wrote:
>
> As far as I can tell, BlueZ agents work like this:
>
> * the agent (a UI process run by a user) calls a method on the hci daemon (run
>  by root) and passes in its unique name and its (arbitrary) object path
> * later, the hci daemon calls a method on the agent
>
> so the only thing that can be relied on is that when the hci daemon calls
> the method, it's on the org.bluez.Agent interface!

Urf.  Can we just change this to use signals?  Signals can be sent to
a particular destination only (I'm pretty sure).

> Mitigating factor: the hci daemon runs as root, so only root needs
> permission to call arbitrary methods from the Agent interface on
> arbitrary processes at arbitrary object paths, and root can ptrace or
> impersonate hcid (or indeed dbus-daemon) anyway.

In the absence of extended security systems like SELinux, yes.


More information about the dbus mailing list