[Pkg-utopia-maintainers] [Pkg-bluetooth-maintainers] Bug#510644: bluetooth.conf needs alterations for new D-Bus
Simon McVittie
simon.mcvittie at collabora.co.uk
Wed Jan 7 20:09:19 UTC 2009
On Wed, 07 Jan 2009 at 14:45:37 -0500, Colin Walters wrote:
> On Wed, Jan 7, 2009 at 2:17 PM, Simon McVittie
> <simon.mcvittie at collabora.co.uk> wrote:
> >
> >> Unfortunately they don't a well known service name nor object path, agents are
> >> user-registered
> >
> > Never mind. We have a lot of these rules in the archive anyway
> > (http://bugs.debian.org/cgi-bin/pkgreport.cgi?users=pkg-utopia-maintainers@lists.alioth.debian.org&tag=fdo-18961)
> > and as far as I can tell it's not a release-critical bug, particularly
> > as an <allow> rule... so leave it like that unless D-Bus upstream can
> > explain something better.
>
> What's the scenario exactly? I had thought the <allow
> send_destination="org.bluez"/> was sufficient for bluetooth; is that
> not the case?
As far as I can tell, BlueZ agents work like this:
* the agent (a UI process run by a user) calls a method on the hci daemon (run
by root) and passes in its unique name and its (arbitrary) object path
* later, the hci daemon calls a method on the agent
so the only thing that can be relied on is that when the hci daemon calls
the method, it's on the org.bluez.Agent interface!
Mitigating factor: the hci daemon runs as root, so only root needs
permission to call arbitrary methods from the Agent interface on
arbitrary processes at arbitrary object paths, and root can ptrace or
impersonate hcid (or indeed dbus-daemon) anyway.
Simon
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20090107/53b618c7/attachment.pgp
More information about the Pkg-utopia-maintainers
mailing list