Re: Security mechanisms in connman
Thank you. I'll read more about it.

Best regards
Lukasz

On 2015-04-28 at 13:26, Sven Schwedas wrote:
> On 2015-04-28 13:15, Lukasz Wojciechowski wrote:
>> Thank you Sven
>>
>> I did see the dbus conf, but it allows only robust security
>> configuration at the level of interfaces and already defined users.
>
> Take a look at dbus-daemon's documentation. It allows member-level
> configuration, not just interfaces, and can work with groups just as
> well as users.
>
>> I would like to have more granularity and that is why I analyzed
>> security plugins.
>>
>> Let me give an example:
>> I would like to allow only some users to configure wifi. Users can be
>> created at runtime of a system. I would have to change connman-dbus.conf
>> every time a user is created, removed or I just want to limit his/her
>> privileges. With polkit working I can change or add rules that can
>> distinguish users and methods, not only interfaces.
>>
>> I just wonder if anyone uses it or is interested in maintaining that
>> mechanism or is it just a relic of the past.
>>
>> Best regards
>> Lukasz
>>
>> On 2015-04-28 at 13:02, Sven Schwedas wrote:
>>> On 2015-04-28 12:42, Lukasz Wojciechowski wrote:
>>>> Hi
>>>>
>>>> I'm studying connman's code and I'm interested in limiting access to
>>>> some API.
>>>> I found that there is a mechanism for defining security plugins, that
>>>> set GDBusSecurityTable by calling g_dbus_register_security().
>>>> There is only one such plugin implemented - polkit plugin.
>>>>
>>>> However IMO it seems to be dead.
>>>> It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
>>>> CONNMAN_PRIVILEGE_SECRET,
>>>> but all gdbus methods registered with GDBUS_*_METHOD macros do not set
>>>> the privilege field in the GDBusMethodTable structure.
>>>> Because of that, security checks are never run, because method->privilege
>>>> never equals security->privilege (check_privilege() function in
>>>> gdbus/object.c).
>>>>
>>>> So I have a few questions:
>>>> * What am I missing? How does this security work?
>>>> * Are there any plans for defining privileges for methods?
>>>
>>> Connman uses DBus' bus policies to limit access, cf.
>>> http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf
>>> and the respective file for connman-vpn. Distributions seem to tweak
>>> those to limit/grant access.
>>>
>>> No idea what the other code is for.

___
connman mailing list
connman@connman.net
https://lists.connman.net/mailman/listinfo/connman
Re: Security mechanisms in connman
On 2015-04-28 13:15, Lukasz Wojciechowski wrote:
> Thank you Sven
>
> I did see the dbus conf, but it allows only robust security
> configuration at the level of interfaces and already defined users.

Take a look at dbus-daemon's documentation. It allows member-level
configuration, not just interfaces, and can work with groups just as
well as users.

> I would like to have more granularity and that is why I analyzed
> security plugins.
>
> Let me give an example:
> I would like to allow only some users to configure wifi. Users can be
> created at runtime of a system. I would have to change connman-dbus.conf
> every time a user is created, removed or I just want to limit his/her
> privileges. With polkit working I can change or add rules that can
> distinguish users and methods, not only interfaces.
>
> I just wonder if anyone uses it or is interested in maintaining that
> mechanism or is it just a relic of the past.
>
> Best regards
> Lukasz
>
> On 2015-04-28 at 13:02, Sven Schwedas wrote:
>> On 2015-04-28 12:42, Lukasz Wojciechowski wrote:
>>> Hi
>>>
>>> I'm studying connman's code and I'm interested in limiting access to
>>> some API.
>>> I found that there is a mechanism for defining security plugins, that
>>> set GDBusSecurityTable by calling g_dbus_register_security().
>>> There is only one such plugin implemented - polkit plugin.
>>>
>>> However IMO it seems to be dead.
>>> It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
>>> CONNMAN_PRIVILEGE_SECRET,
>>> but all gdbus methods registered with GDBUS_*_METHOD macros do not set
>>> the privilege field in the GDBusMethodTable structure.
>>> Because of that, security checks are never run, because method->privilege
>>> never equals security->privilege (check_privilege() function in
>>> gdbus/object.c).
>>>
>>> So I have a few questions:
>>> * What am I missing? How does this security work?
>>> * Are there any plans for defining privileges for methods?
>>
>> Connman uses DBus' bus policies to limit access, cf.
>> http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf
>> and the respective file for connman-vpn. Distributions seem to tweak
>> those to limit/grant access.
>>
>> No idea what the other code is for.

--
Kind regards, / Best Regards,
Sven Schwedas
System administrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwe...@tao.at | +43 (0)680 301 7167
http://software.tao.at
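As an added illustration of the member-level, group-based bus policy Sven refers to above (this is example configuration written for this page, not connman's shipped connman-dbus.conf and not anything either poster provided): a dbus-daemon policy that keeps read-only calls open to everyone, lets members of one group change and scan the wifi technology, and denies everything else sent to net.connman. The interface names `net.connman.Manager` / `net.connman.Technology`, the members `GetTechnologies`, `GetProperties`, `SetProperty`, `Scan` and the object path `/net/connman/technology/wifi` are connman's D-Bus API; the group name `netdev` and the drop-in location are assumptions.

```xml
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- Added example, not connman's own policy file. Assumed to live as a
       drop-in under /etc/dbus-1/system.d/. The group "netdev" is an
       assumption; use whatever group your distribution hands out. -->

  <!-- Only root may own the well-known name and call anything on it. -->
  <policy user="root">
    <allow own="net.connman"/>
    <allow send_destination="net.connman"/>
  </policy>

  <!-- Everyone else: deny first, then re-open read-only calls.
       Within a policy, later matching rules override earlier ones, so the
       blanket deny has to come before the allows. -->
  <policy context="default">
    <deny send_destination="net.connman"/>
    <allow send_destination="net.connman"
           send_interface="org.freedesktop.DBus.Introspectable"/>
    <allow send_destination="net.connman"
           send_interface="net.connman.Manager"
           send_member="GetTechnologies"/>
    <allow send_destination="net.connman"
           send_interface="net.connman.Technology"
           send_member="GetProperties"/>
  </policy>

  <!-- Group policies are applied after context="default", so these allows
       override the deny above for group members only. send_path pins the
       rule to the wifi object: the same callers stay denied on
       /net/connman/technology/ethernet. dbus-daemon resolves the caller's
       groups from the uid when the connection is opened, so a user added
       to the group needs a fresh bus connection (in practice a new login). -->
  <policy group="netdev">
    <allow send_destination="net.connman"
           send_path="/net/connman/technology/wifi"
           send_interface="net.connman.Technology"
           send_member="SetProperty"/>
    <allow send_destination="net.connman"
           send_path="/net/connman/technology/wifi"
           send_interface="net.connman.Technology"
           send_member="Scan"/>
  </policy>
</busconfig>
```

Two caveats a practitioner should keep in mind. First, every `<allow>` here carries `send_destination`; an `<allow send_interface="...">` without a destination matches messages to any bus name, which is the classic way a policy ends up broader than intended. Second, this is still a static uid/group decision taken by the bus daemon; it gives the per-method and per-object granularity asked for in the thread, but not the runtime, per-session rules or interactive authorization that a working polkit hook would provide.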
Re: Security mechanisms in connman
Thank you Sven

I did see the dbus conf, but it allows only robust security
configuration at the level of interfaces and already defined users.
I would like to have more granularity and that is why I analyzed
security plugins.

Let me give an example:
I would like to allow only some users to configure wifi. Users can be
created at runtime of a system. I would have to change connman-dbus.conf
every time a user is created, removed or I just want to limit his/her
privileges. With polkit working I can change or add rules that can
distinguish users and methods, not only interfaces.

I just wonder if anyone uses it or is interested in maintaining that
mechanism or is it just a relic of the past.

Best regards
Lukasz

On 2015-04-28 at 13:02, Sven Schwedas wrote:
> On 2015-04-28 12:42, Lukasz Wojciechowski wrote:
>> Hi
>>
>> I'm studying connman's code and I'm interested in limiting access to
>> some API.
>> I found that there is a mechanism for defining security plugins, that
>> set GDBusSecurityTable by calling g_dbus_register_security().
>> There is only one such plugin implemented - polkit plugin.
>>
>> However IMO it seems to be dead.
>> It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
>> CONNMAN_PRIVILEGE_SECRET,
>> but all gdbus methods registered with GDBUS_*_METHOD macros do not set
>> the privilege field in the GDBusMethodTable structure.
>> Because of that, security checks are never run, because method->privilege
>> never equals security->privilege (check_privilege() function in
>> gdbus/object.c).
>>
>> So I have a few questions:
>> * What am I missing? How does this security work?
>> * Are there any plans for defining privileges for methods?
>
> Connman uses DBus' bus policies to limit access, cf.
> http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf
> and the respective file for connman-vpn. Distributions seem to tweak
> those to limit/grant access.
>
> No idea what the other code is for.
Re: Security mechanisms in connman
On 2015-04-28 12:42, Lukasz Wojciechowski wrote:
> Hi
>
> I'm studying connman's code and I'm interested in limiting access to
> some API.
> I found that there is a mechanism for defining security plugins, that
> set GDBusSecurityTable by calling g_dbus_register_security().
> There is only one such plugin implemented - polkit plugin.
>
> However IMO it seems to be dead.
> It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
> CONNMAN_PRIVILEGE_SECRET,
> but all gdbus methods registered with GDBUS_*_METHOD macros do not set
> the privilege field in the GDBusMethodTable structure.
> Because of that, security checks are never run, because method->privilege
> never equals security->privilege (check_privilege() function in
> gdbus/object.c).
>
> So I have a few questions:
> * What am I missing? How does this security work?
> * Are there any plans for defining privileges for methods?

Connman uses DBus' bus policies to limit access, cf.
http://git.kernel.org/cgit/network/connman/connman.git/tree/src/connman-dbus.conf
and the respective file for connman-vpn. Distributions seem to tweak
those to limit/grant access.

No idea what the other code is for.

--
Kind regards, / Best Regards,
Sven Schwedas
System administrator
TAO Beratungs- und Management GmbH | Lendplatz 45 | A - 8020 Graz
Mail/XMPP: sven.schwe...@tao.at | +43 (0)680 301 7167
http://software.tao.at
Security mechanisms in connman
Hi

I'm studying connman's code and I'm interested in limiting access to
some API.
I found that there is a mechanism for defining security plugins, that
set GDBusSecurityTable by calling g_dbus_register_security().
There is only one such plugin implemented - polkit plugin.

However IMO it seems to be dead.
It registers polkit checks for privileges: CONNMAN_PRIVILEGE_MODIFY and
CONNMAN_PRIVILEGE_SECRET,
but all gdbus methods registered with GDBUS_*_METHOD macros do not set
the privilege field in the GDBusMethodTable structure.
Because of that, security checks are never run, because method->privilege
never equals security->privilege (check_privilege() function in
gdbus/object.c).

So I have a few questions:
* What am I missing? How does this security work?
* Are there any plans for defining privileges for methods?

Best regards
Lukasz Wojciechowski