On Sat, Jul 07, 2007 at 07:28:50PM +0200, Filippo Giunchedi wrote:
On Thu, Oct 19, 2006 at 12:27:14AM +0200, Moritz Muehlenhoff wrote:
Filippo Giunchedi wrote:
From what I can tell, when the user reaches the point where he cares
about not
having a default pin he can even change
On Thu, Oct 19, 2006 at 12:27:14AM +0200, Moritz Muehlenhoff wrote:
Filippo Giunchedi wrote:
From what I can tell, when the user reaches the point where he cares about
not
having a default pin he can even change permissions. My rationale being that
bluetooth is not meant to be used in an
Filippo Giunchedi wrote:
From what I can tell, when the user reaches the point where he cares about not
having a default pin he can even change permissions. My rationale being that
bluetooth is not meant to be used in an hostile environment, moreover the
security features are rather weak FWIW.
On Mon, Oct 09, 2006 at 12:21:22AM +0200, Moritz Muehlenhoff wrote:
Mikko Rapeli wrote:
This small bug affects sarge too so I'm cc'ing security. Attached patches
restrict the permissions for sarge and etch/sid so that non-root users can
not read the default pin value used in Bluetooth
[CCing upstream]
On Mon, Oct 09, 2006 at 10:27:56AM +0300, Mikko Rapeli wrote:
On Mon, Oct 09, 2006 at 12:21:22AM +0200, Moritz Muehlenhoff wrote:
Mikko Rapeli wrote:
This small bug affects sarge too so I'm cc'ing security. Attached patches
restrict the permissions for sarge and
Hi Filippo,
In most cases, this is just a minor bug. At least having a default pin
and 'pairing multi' on by default are much bigger issues, but it's a
security related deviation from upstream. I would like to see this fixed.
From what I can tell, when the user reaches the point where
Mikko Rapeli wrote:
This small bug affects sarge too so I'm cc'ing security. Attached patches
restrict the permissions for sarge and etch/sid so that non-root users can
not read the default pin value used in Bluetooth authentication.
I know next to nothing about Bluetooth. What could a
This small bug affects sarge too so I'm cc'ing security. Attached patches
restrict the permissions for sarge and etch/sid so that non-root users can
not read the default pin value used in Bluetooth authentication.
The postinst script was manually tested with fresh installs and upgrades
on both
8 matches
Mail list logo