[Pkg-utopia-maintainers] Bug#642136: Bug#642136: Bug#642136: network-manager: Connecting to a wifi network requires org.freedesktop.NM.settings.modify.system privileges
Vincent Bernat
bernat at debian.org
Tue Sep 20 09:18:38 UTC 2011
On Tue, 20 Sep 2011 10:21:06 +0200, Michael Biebl wrote:
>> This is a wireless network I never connected to. I choose it from
>> the
>> available wireless network detected by Network Manager. Through
>> polkit
>> helper, Network Manager is asking me for administrative rights just
>> to
>> connect to this new wireless network.
>
> Ok, I guess it is clearer now what your issue is.
> With NM 0.9, the user settings service is gone, i.e. connections are
> no longer
> stored in the user session but always system wide (using the keyfile
> in
> /etc/NetworkManager/system-connections).
> Wireless connections are shared by default (ie. the setting
> "Available to all
> users" is selected).
> Writing a system setting and making it available to everyone requires
> administrative privileges. That's why you get the PolicyKit prompt.
>
> If you create a Wireless connection manually via
> nm-connection-editor:
> Run nm-connection-editor
> select tab "Wireless"
> Click "Add"
> Fill in SSID and Security settings.
> *Uncheck* "Available to all users".
> Then you shouldn't get a PK prompt, right?
Yes.
I think by default, a user should not be prompted for administrative
rights to connect to a wireless network. This could be done with a
policy stating that
org.freedesktop.NetworkManager.settings.modify.system is granted to
active users (but I think this is far too wide). Or this could be done
by not sharing wireless connections by default (in this case, I suppose
that org.freedesktop.NetworkManager.settings.modify.own will be used and
by default, active users are granted this permission).
Maybe I could retitle this bug to "Add a settings to allow
unprivilegied user to connect to unknown wireless network without
administrative rights" and set severity to wishlist. Would it be
clearer?
More information about the Pkg-utopia-maintainers
mailing list