[PATCHv3] libmbim-glib, proxy: add a configure flag to set the user ID of MBIM proxy
Aleksander Morgado
aleksander at aleksander.es
Fri Nov 7 10:56:44 PST 2014
On Fri, Nov 7, 2014 at 7:39 PM, Dan Williams <dcbw at redhat.com> wrote:
> On Fri, 2014-11-07 at 09:20 -0800, Roshan Pius wrote:
>> Currently, the MBIM proxy process assumes that it is run as root user and
>> that all incoming client connection users are also root.
>> However, it's not always preferable to run the MBIM proxy as root for
>> security reasons. On some platforms, the MBIM proxy could be constrained
>> to run as a less-privileged user and specially granted the permission to
>> access the MBIM device. So, adding a compile time flag in libmbim to check
>> for the specified user, rather than assume it to be the root user. If the flag is
>> not sent, it'll revert to the existing behaviour of checking for
>> user=root(i.e UID=0)
>
> Looks OK to me.
Great!
Roshan, will you now write the patch to chown the devices to the
specific user given in that configure flag? That would be superb.
I'll actually test the patch in the following days and merge it afterwards.
Plus, anyone willing to do the same for libqmi? :)
--
Aleksander
https://aleksander.es
More information about the libmbim-devel
mailing list