Hi
I'm studying connman's code and I'm interested in limiting access to
some API.
I found that there is a mechanism for defining security plugins, that
set GDBusSecurityTable by calling g_dbus_register_security().
There is only one such plugin implemented - polkit plugin.
However IMO it seems to be dead.
It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
CONNMAN_PRIVILEGE_SECRET,
but all gdbus methods registered with GDBUS_*_METHOD macros do not set
privilege field in GDBusMethodTable structure.
Because of that security checks are never run, because method->privilege
never equals security->privilege (check_privilege() function in
gdbus/object.c).
So I have few questions:
* What am I missing? How this security works ?
* Are there any plans for defining privileges for methods ?
Best regards
Lukasz Wojciechowski
_______________________________________________
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman
