[Pkg-bluetooth-maintainers] Bug#510644: bluetooth.conf needs alterations for new D-Bus
Colin Walters
walters at verbum.org
Wed Jan 7 12:26:31 PST 2009
On Wed, Jan 7, 2009 at 3:09 PM, Simon McVittie
<simon.mcvittie at collabora.co.uk> wrote:
>
> As far as I can tell, BlueZ agents work like this:
>
> * the agent (a UI process run by a user) calls a method on the hci daemon (run
> by root) and passes in its unique name and its (arbitrary) object path
> * later, the hci daemon calls a method on the agent
>
> so the only thing that can be relied on is that when the hci daemon calls
> the method, it's on the org.bluez.Agent interface!
Urf. Can we just change this to use signals? Signals can be sent to
a particular destination only (I'm pretty sure).
> Mitigating factor: the hci daemon runs as root, so only root needs
> permission to call arbitrary methods from the Agent interface on
> arbitrary processes at arbitrary object paths, and root can ptrace or
> impersonate hcid (or indeed dbus-daemon) anyway.
In the absence of extended security systems like SELinux, yes.
More information about the dbus
mailing list