Le 18/11/2014 10:41, Patrick Ohly a écrit :
On Tue, 2014-11-18 at 10:30 +0100, Dominig ar Foll (Intel OTC) wrote:
Le 17/11/2014 11:00, Patrick Ohly a écrit :
I've argued that it is the latter (see also
https://bugs.tizen.org/jira/browse/TC-1411) while the NTB developers
claim that the less secure access control in NTB is good enough for 3.0.
You are correct, as BT FW demon run with the Bluetooth user ID, we will
have to filter other user make direct call to BlueZ.
That can be done quite easily via a dbus policy.
I doubt that a dbus-daemon policy could be used to protect against
malicious users. dbus-daemon has no knowledge about which devices a user
is allowed to access.
We cannot block all accesses either, because that would break NTB, which
relies on getting at least some D-Bus calls from a non-privileged user
process handled directly by Bluez.
I thought that the Dbus integration in Cynera would allow us to activate
privileged autorisation for given users.
Could we not use that model ?
Dominig ar Foll
Senior Software Architect
Open Source Technology Centre
Intel SSG
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
