This email list is read-only. Emails sent to this list will be discarded ---------------------------------- include/security.h | 9 ++++++++- plugins/connman.policy | 10 +++++----- plugins/polkit.c | 20 +++++++++++++++++--- src/connection.c | 7 ++++++- src/connman.h | 3 ++- src/device.c | 13 ++++++++++--- src/manager.c | 7 ++++++- src/network.c | 21 +++++++++++++++++---- src/security.c | 5 +++-- 9 files changed, 74 insertions(+), 21 deletions(-)
New commits: commit 4164f01e263c846434b2bd48649edd2f88a8af91 Author: Marcel Holtmann <[email protected]> Date: Tue Jan 6 21:24:55 2009 +0100 Restrict passphrase access to secret privilege commit 77b134b5f3f2856cd6a915904b9ff3b207654c71 Author: Marcel Holtmann <[email protected]> Date: Tue Jan 6 21:20:50 2009 +0100 Add support for different security privileges Diff in this email is a maximum of 400 lines. diff --git a/include/security.h b/include/security.h index 123e6fb..9e27a5f 100644 --- a/include/security.h +++ b/include/security.h @@ -32,6 +32,12 @@ extern "C" { * @short_description: Functions for registering security modules */ +enum connman_security_privilege { + CONNMAN_SECURITY_PRIVILEGE_PUBLIC = 0, + CONNMAN_SECURITY_PRIVILEGE_MODIFY = 1, + CONNMAN_SECURITY_PRIVILEGE_SECRET = 2, +}; + #define CONNMAN_SECURITY_PRIORITY_LOW -100 #define CONNMAN_SECURITY_PRIORITY_DEFAULT 0 #define CONNMAN_SECURITY_PRIORITY_HIGH 100 @@ -39,7 +45,8 @@ extern "C" { struct connman_security { const char *name; int priority; - int (*authorize_sender) (const char *sender); + int (*authorize_sender) (const char *sender, + enum connman_security_privilege privilege); }; extern int connman_security_register(struct connman_security *security); diff --git a/plugins/connman.policy b/plugins/connman.policy index 1b34381..bc36a6d 100644 --- a/plugins/connman.policy +++ b/plugins/connman.policy @@ -6,10 +6,10 @@ <policyconfig> <vendor>Connection Manager</vendor> - <icon_name>stock_internet</icon_name> + <icon_name>network-wireless</icon_name> <action id="org.moblin.connman.modify"> - <description>Modify configuration</description> + <description>Settings configuration</description> <message>Policy prevents modification of settings</message> <defaults> <allow_inactive>no</allow_inactive> @@ -17,9 +17,9 @@ </defaults> </action> - <action id="org.moblin.connman.passphrase"> - <description>Passphrase configuration</description> - <message>Policy prevents modification of passphrases</message> + <action id="org.moblin.connman.secret"> + <description>Secrets configuration</description> + <message>Policy prevents modification of secrets</message> <defaults> <allow_inactive>no</allow_inactive> <allow_active>auth_admin_keep_always</allow_active> diff --git a/plugins/polkit.c b/plugins/polkit.c index d3ca692..de183a2 100644 --- a/plugins/polkit.c +++ b/plugins/polkit.c @@ -34,20 +34,34 @@ #include <connman/dbus.h> #include <connman/log.h> -#define ACTION "org.moblin.connman.modify" +#define ACTION_MODIFY "org.moblin.connman.modify" +#define ACTION_SECRET "org.moblin.connman.secret" static DBusConnection *connection; static PolKitContext *polkit_context; -static int polkit_authorize(const char *sender) +static int polkit_authorize(const char *sender, + enum connman_security_privilege privilege) { DBusError error; PolKitCaller *caller; PolKitAction *action; PolKitResult result; + const char *id; DBG("sender %s", sender); + switch (privilege) { + case CONNMAN_SECURITY_PRIVILEGE_PUBLIC: + return 0; + case CONNMAN_SECURITY_PRIVILEGE_MODIFY: + id = ACTION_MODIFY; + break; + case CONNMAN_SECURITY_PRIVILEGE_SECRET: + id = ACTION_SECRET; + break; + } + dbus_error_init(&error); caller = polkit_caller_new_from_dbus_name(connection, sender, &error); @@ -61,7 +75,7 @@ static int polkit_authorize(const char *sender) } action = polkit_action_new(); - polkit_action_set_action_id(action, ACTION); + polkit_action_set_action_id(action, id); result = polkit_context_is_caller_authorized(polkit_context, action, caller, TRUE, NULL); diff --git a/src/connection.c b/src/connection.c index 0b3e59c..ad38147 100644 --- a/src/connection.c +++ b/src/connection.c @@ -211,6 +211,10 @@ static DBusMessage *get_properties(DBusConnection *conn, DBG("conn %p", conn); + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_PUBLIC) < 0) + return __connman_error_permission_denied(msg); + reply = dbus_message_new_method_return(msg); if (reply == NULL) return NULL; @@ -286,7 +290,8 @@ static DBusMessage *set_property(DBusConnection *conn, dbus_message_iter_next(&iter); dbus_message_iter_recurse(&iter, &value); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); return g_dbus_create_reply(msg, DBUS_TYPE_INVALID); diff --git a/src/connman.h b/src/connman.h index b160719..f98fc79 100644 --- a/src/connman.h +++ b/src/connman.h @@ -67,7 +67,8 @@ void __connman_plugin_cleanup(void); #include <connman/security.h> -int __connman_security_check_privileges(DBusMessage *message); +int __connman_security_check_privilege(DBusMessage *message, + enum connman_security_privilege privilege); #include <connman/ipv4.h> diff --git a/src/device.c b/src/device.c index f07128f..d865ad4 100644 --- a/src/device.c +++ b/src/device.c @@ -244,6 +244,10 @@ static DBusMessage *get_properties(DBusConnection *conn, DBG("conn %p", conn); + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_PUBLIC) < 0) + return __connman_error_permission_denied(msg); + reply = dbus_message_new_method_return(msg); if (reply == NULL) return NULL; @@ -323,7 +327,8 @@ static DBusMessage *set_property(DBusConnection *conn, dbus_message_iter_next(&iter); dbus_message_iter_recurse(&iter, &value); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); if (g_str_equal(name, "Powered") == TRUE) { @@ -369,7 +374,8 @@ static DBusMessage *create_network(DBusConnection *conn, { DBG("conn %p", conn); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); return __connman_error_invalid_arguments(msg); @@ -380,7 +386,8 @@ static DBusMessage *remove_network(DBusConnection *conn, { DBG("conn %p", conn); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); return __connman_error_invalid_arguments(msg); diff --git a/src/manager.c b/src/manager.c index 7143974..f943720 100644 --- a/src/manager.c +++ b/src/manager.c @@ -152,6 +152,10 @@ static DBusMessage *get_properties(DBusConnection *conn, DBG("conn %p", conn); + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_PUBLIC) < 0) + return __connman_error_permission_denied(msg); + reply = dbus_message_new_method_return(msg); if (reply == NULL) return NULL; @@ -204,7 +208,8 @@ static DBusMessage *set_property(DBusConnection *conn, dbus_message_iter_next(&iter); dbus_message_iter_recurse(&iter, &value); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); if (g_str_equal(name, "Policy") == TRUE) { diff --git a/src/network.c b/src/network.c index 4af71c3..cf641e2 100644 --- a/src/network.c +++ b/src/network.c @@ -83,6 +83,10 @@ static DBusMessage *get_properties(DBusConnection *conn, DBG("conn %p", conn); + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_PUBLIC) < 0) + return __connman_error_permission_denied(msg); + reply = dbus_message_new_method_return(msg); if (reply == NULL) return NULL; @@ -128,7 +132,9 @@ static DBusMessage *get_properties(DBusConnection *conn, connman_dbus_dict_append_variant(&dict, "WiFi.Security", DBUS_TYPE_STRING, &network->wifi.security); - if (network->wifi.passphrase != NULL) + if (network->wifi.passphrase != NULL && + __connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_SECRET) == 0) connman_dbus_dict_append_variant(&dict, "WiFi.Passphrase", DBUS_TYPE_STRING, &network->wifi.passphrase); @@ -153,7 +159,8 @@ static DBusMessage *set_property(DBusConnection *conn, dbus_message_iter_next(&iter); dbus_message_iter_recurse(&iter, &value); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); if (g_str_equal(name, "Remember") == TRUE) { @@ -166,6 +173,10 @@ static DBusMessage *set_property(DBusConnection *conn, } else if (g_str_equal(name, "WiFi.Passphrase") == TRUE) { const char *passphrase; + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_SECRET) < 0) + return __connman_error_permission_denied(msg); + dbus_message_iter_get_basic(&value, &passphrase); g_free(network->wifi.passphrase); @@ -185,7 +196,8 @@ static DBusMessage *do_connect(DBusConnection *conn, DBG("conn %p", conn); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); if (network->connected == TRUE) @@ -209,7 +221,8 @@ static DBusMessage *do_disconnect(DBusConnection *conn, DBG("conn %p", conn); - if (__connman_security_check_privileges(msg) < 0) + if (__connman_security_check_privilege(msg, + CONNMAN_SECURITY_PRIVILEGE_MODIFY) < 0) return __connman_error_permission_denied(msg); if (network->connected == FALSE) diff --git a/src/security.c b/src/security.c index 31c7734..9b27423 100644 --- a/src/security.c +++ b/src/security.c @@ -66,7 +66,8 @@ void connman_security_unregister(struct connman_security *security) security_list = g_slist_remove(security_list, security); } -int __connman_security_check_privileges(DBusMessage *message) +int __connman_security_check_privilege(DBusMessage *message, + enum connman_security_privilege privilege) { GSList *list; const char *sender; @@ -82,7 +83,7 @@ int __connman_security_check_privileges(DBusMessage *message) DBG("%s", security->name); if (security->authorize_sender) { - err = security->authorize_sender(sender); + err = security->authorize_sender(sender, privilege); break; } } _______________________________________________ Commits mailing list [email protected] https://lists.moblin.org/mailman/listinfo/commits
