Re: Security mechanisms in connman

2015-04-28 Thread Lukasz Wojciechowski

Thank you. I'll read more about it.
Best regards
Lukasz

On 2015-04-28 at 13:26, Sven Schwedas wrote:

On 2015-04-28 13:15, Lukasz Wojciechowski wrote:

Thank you, Sven

I did see the dbus conf, but it allows only robust security
configuration at the level of interfaces and already defined users.

Take a look at dbus-daemon's documentation. It allows member-level
configuration, not just interfaces, and can work with groups just as
well as users.


I would like to have more granularity and that is why I analyzed
security plugins.

Let me give an example:
I would like to allow only some users to configure wifi. Users can be
created at runtime on a system. I would have to change connman-dbus.conf
every time a user is created or removed, or whenever I just want to limit
his/her privileges. With polkit working I can change or add rules that can
distinguish users and methods, not only interfaces.

I just wonder if anyone uses it, is interested in maintaining that
mechanism, or whether it is just a relic of the past.

Best regards
Lukasz

___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman


Re: Security mechanisms in connman

2015-04-28 Thread Sven Schwedas
On 2015-04-28 12:42, Lukasz Wojciechowski wrote:
 Hi
 
 I'm studying connman's code and I'm interested in limiting access to
 some API.
 I found that there is a mechanism for defining security plugins, which
 set the GDBusSecurityTable by calling g_dbus_register_security().
 There is only one such plugin implemented: the polkit plugin.
 
 However IMO it seems to be dead.
 It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
 CONNMAN_PRIVILEGE_SECRET,
 but all gdbus methods registered with the GDBUS_*_METHOD macros do not set
 the privilege field in the GDBusMethodTable structure.
 Because of that, the security checks are never run, since the method
 privilege never equals the security privilege (see the check_privilege()
 function in gdbus/object.c).
 
 So I have a few questions:
 * What am I missing? How does this security work?
 * Are there any plans for defining privileges for methods?

Connman uses DBus' bus policies to limit access, cf.

 http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf

and the respective file for connman-vpn. Distributions seem to tweak
those to limit/grant access.

No idea what the other code is for.

-- 
Mit freundlichen Grüßen, / Best Regards,
Sven Schwedas
Systemadministrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwe...@tao.at | +43 (0)680 301 7167
http://software.tao.at




Re: Security mechanisms in connman

2015-04-28 Thread Lukasz Wojciechowski

Thank you, Sven

I did see the dbus conf, but it allows only robust security 
configuration at the level of interfaces and already defined users.
I would like to have more granularity and that is why I analyzed 
security plugins.


Let me give an example:
I would like to allow only some users to configure wifi. Users can be
created at runtime on a system. I would have to change connman-dbus.conf
every time a user is created or removed, or whenever I just want to limit
his/her privileges. With polkit working I can change or add rules that can
distinguish users and methods, not only interfaces.


I just wonder if anyone uses it, is interested in maintaining that
mechanism, or whether it is just a relic of the past.


Best regards
Lukasz

On 2015-04-28 at 13:02, Sven Schwedas wrote:

Connman uses DBus' bus policies to limit access, cf.


http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf

and the respective file for connman-vpn. Distributions seem to tweak
those to limit/grant access.

No idea what the other code is for.





Re: Security mechanisms in connman

2015-04-28 Thread Sven Schwedas
On 2015-04-28 13:15, Lukasz Wojciechowski wrote:
 Thank you, Sven
 
 I did see the dbus conf, but it allows only robust security
 configuration at the level of interfaces and already defined users.

Take a look at dbus-daemon's documentation. It allows member-level
configuration, not just interfaces, and can work with groups just as
well as users.

 I would like to have more granularity and that is why I analyzed
 security plugins.
 
 Let me give an example:
 I would like to allow only some users to configure wifi. Users can be
 created at runtime on a system. I would have to change connman-dbus.conf
 every time a user is created or removed, or whenever I just want to limit
 his/her privileges. With polkit working I can change or add rules that can
 distinguish users and methods, not only interfaces.
 
 I just wonder if anyone uses it, is interested in maintaining that
 mechanism, or whether it is just a relic of the past.
 
 Best regards
 Lukasz
 
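An added illustration of the point Sven makes above (member-level rules, groups as well as users); it is not a file shipped by connman or by any distribution. The bus name net.connman, the interfaces net.connman.Manager and net.connman.Technology and the methods GetProperties and SetProperty are connman's own D-Bus API; the group name netdev and the idea of installing this beside connman-dbus.conf as a system-bus drop-in are assumptions made for the example. With group-based policy, a user created at runtime is granted or stripped of wifi configuration rights by changing group membership, not by editing the policy file.

```xml
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- Default context applies to every connection first; later, more specific
       policies (group, then user, then mandatory) are applied on top, and
       within a policy the last matching rule wins. -->
  <policy context="default">
    <!-- deny everything addressed to connman ... -->
    <deny send_destination="net.connman"/>
    <!-- ... then re-open one read-only query for all callers -->
    <allow send_destination="net.connman"
           send_interface="net.connman.Manager"
           send_member="GetProperties"/>
  </policy>

  <!-- Members of the (assumed) group "netdev" may change technology
       properties, e.g. switch wifi on or off, but nothing else on the bus name. -->
  <policy group="netdev">
    <allow send_destination="net.connman"
           send_interface="net.connman.Technology"
           send_member="SetProperty"/>
  </policy>
</busconfig>
```

Two practitioner caveats. First, the interface header is optional in D-Bus method calls, so a rule that matches only on `send_interface` can be bypassed by a call that omits it; anchoring the default on `send_destination` (a deny on the whole bus name) and then allowing specific members, as above, means an unqualified call still hits the deny. Second, such a policy only controls who may *send* to connman; the service itself does no further check once the message is delivered, which is exactly the gap the thread's polkit plugin was meant to cover.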

Security mechanisms in connman

2015-04-28 Thread Lukasz Wojciechowski

Hi

I'm studying connman's code and I'm interested in limiting access to 
some API.
I found that there is a mechanism for defining security plugins, which 
set the GDBusSecurityTable by calling g_dbus_register_security().

There is only one such plugin implemented: the polkit plugin.

However IMO it seems to be dead.
It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and 
CONNMAN_PRIVILEGE_SECRET,
but all gdbus methods registered with the GDBUS_*_METHOD macros do not set 
the privilege field in the GDBusMethodTable structure.
Because of that, the security checks are never run, since the method 
privilege never equals the security privilege (see the check_privilege() 
function in gdbus/object.c).


So I have a few questions:
* What am I missing? How does this security work?
* Are there any plans for defining privileges for methods?

Best regards
Lukasz Wojciechowski
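To make the mismatch described in this mail concrete, here is an added, self-contained model of the matching step, written for this thread and not copied from gdbus/object.c. A method table entry carries a privilege value, the registered security table pairs privilege values with check callbacks, and the callback only runs when the two values are equal; an entry whose privilege was never set therefore matches nothing and goes through unchecked. The privilege names follow the mail; their numeric values, the struct layouts, the caller names and the "polkit-like" check are all constructed for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Privilege tags a method may carry. Names as in the mail; values are constructed.
 * PRIVILEGE_NONE models what the GDBUS_*_METHOD macros leave in the table: unset. */
enum privilege {
	PRIVILEGE_NONE = 0,
	CONNMAN_PRIVILEGE_MODIFY,
	CONNMAN_PRIVILEGE_SECRET,
};

/* Simplified stand-in for a GDBusMethodTable entry: method name plus privilege field */
struct method_entry {
	const char *name;
	enum privilege privilege;
};

/* Simplified stand-in for a GDBusSecurityTable entry: privilege plus check callback */
struct security_entry {
	enum privilege privilege;
	bool (*check)(const char *caller, const char *method);
};

/* Constructed stand-in for a polkit authorisation check: only "netadmin" passes */
static bool polkit_check(const char *caller, const char *method)
{
	(void)method;
	return strcmp(caller, "netadmin") == 0;
}

/* What a security plugin would register: one row per privilege, NULL-terminated */
static const struct security_entry security_table[] = {
	{ CONNMAN_PRIVILEGE_MODIFY, polkit_check },
	{ CONNMAN_PRIVILEGE_SECRET, polkit_check },
	{ PRIVILEGE_NONE, NULL },
};

enum verdict { ALLOWED_UNCHECKED, ALLOWED_BY_CHECK, DENIED_BY_CHECK };

/* Model of the decision: walk the security table and run the callback whose
 * privilege equals the method's. No matching row means the call proceeds
 * without any check, which is the failure mode the mail points out. */
enum verdict model_check_privilege(const struct method_entry *method, const char *caller)
{
	const struct security_entry *s;

	for (s = security_table; s->privilege != PRIVILEGE_NONE; s++) {
		if (s->privilege != method->privilege)
			continue;
		return s->check(caller, method->name) ? ALLOWED_BY_CHECK : DENIED_BY_CHECK;
	}
	return ALLOWED_UNCHECKED;
}

/* Two constructed registrations of the same method: privilege left unset
 * (as the macros do today) and privilege assigned explicitly. */
static const struct method_entry set_property_unset  = { "SetProperty", PRIVILEGE_NONE };
static const struct method_entry set_property_tagged = { "SetProperty", CONNMAN_PRIVILEGE_MODIFY };

static const char *verdict_name(enum verdict v)
{
	switch (v) {
	case ALLOWED_UNCHECKED: return "allowed (no check ran)";
	case ALLOWED_BY_CHECK:  return "allowed by check";
	default:                return "denied by check";
	}
}

int main(void)
{
	printf("unset  / guest    : %s\n", verdict_name(model_check_privilege(&set_property_unset, "guest")));
	printf("tagged / guest    : %s\n", verdict_name(model_check_privilege(&set_property_tagged, "guest")));
	printf("tagged / netadmin : %s\n", verdict_name(model_check_privilege(&set_property_tagged, "netadmin")));
	return 0;
}
```

The defensive lesson is in the `ALLOWED_UNCHECKED` branch: a privilege check that is opt-in per method degrades silently to "no check" for every method nobody tagged, and the only observable symptom is that an unprivileged caller succeeds. A test that asserts a privileged caller is denied when the privilege is missing would have surfaced the dead plugin.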