@Jamie I asked Alfosno to prototype granting access with a DBus configuration change alone as proof-of-concept. Note, as the script we've been using for testing is a Python script, the "Introspectable" fragment was needed. As system settings is Qt-based, this may not be needed. We'll need Jonas to confirm.
As this approach works, I'm not sure whether or not the added polkit layer actually buys us much more security. As previously mentioned, all non-core click apps are confined, and cannot access DBus on their own. The only way an unconfined phablet processes could land on the phone ( besides our core apps ) is if a user enables developer-mode and installs the app via dpkg or directly via a binary installer, which means the extra polkit protection could easily be circumvented. I think a developer would also discover pretty quickly that a new app was malicious if the WiFi hardware stopped working as a client, due to it's being put into hotspot mode. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1426923 Title: Allow ubuntu-system-settings to set a device's firmware To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpasupplicant/+bug/1426923/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
