Hi Michael!

I decided to reply to your mail back on the smartphones-userland mailing
list, thus the thread is "consistent" and so I quoted in full your mail.

On Wed, 04 Mar 2009 18:02:46 +0100, Michael 'Mickey' Lauer wrote:
> I don't have any objections to increasing the granularity of access
> control, the fact that [in OE] everything runs under the same user and
> all services share one dbus permission file is merely due to a mixture
> of not enough time and being lazy.
>
> It was -- however -- always my plan to have this fine granular control,
> that's why I decided to split the FSO architecture into individual
> subsystems [and plugins] in the first place. Moreover, once we move
> from the Python implementation to another reference implementation, the
> individual subsystems will be separate processes again.
>
> Three random examples to make it clear what I'd like to see:
>
> 1.) Everyone being denied to access the serial device node except ogsmd,
> 2.) Everyone but ophoned and opimd being denied to call ogsmd,
> 3.) Everything but ousaged being forbidden to call any frameworkd's object
> org.freesmartphone.Resource, _if_ ousaged is present in the system.
>
> Some of these might be a bit too extreme, we need a couple of iterations
> here. Bottom line though is that I'd appreciate patches going into this
> direction.

Thank you for the detailed reply.  ATM I use the FR as a phone only,
which means that other people should provide patches for the other
subsystems.  However, here is a proposed map (when applicable, with links to
relevant Debian bugs):

       odeviced   daemon

       oeventsd   messagebus

          ogpsd   dialout
                    on Debian /dev/ttyS0 are root:dialout and gpsd as
                    well should use by default (`man gpsd`) this group
                    [please avoid any flame gpsd vs. gypsy, in this case
                     I do not care about the differences, since I am
                     looking for consistency among applications]

          ogsmd   dialout
                    IIRC this is the historical group for modem interactions

      onetworkd   netdev
                    already used by AFAIK avahi [1], bluez-utils [2],
                    NetworkManager and wpasupplicant

        ophoned   dialout
                    if I read Michael correctly, this is because only ophoned
                    and opimd can call ogsmd

          opimd   dialout
                    if I read Michael correctly, this is because only ophoned
                    and opimd can call ogsmd

  opreferencesd   staff

         otimed   staff

        ousaged   adm
                    I would refrain from using root, adm should do the same
                    and with fewer privileges

The map above is not complete, i.e. I am not sure of most of them.  We
should also investigate a bit more WRT some groups like powerdev (power
management stuff), plugdev, audio and video.  Moreover, being a member of
the staff group can have security implications, treated differently in
Debian [3][4][5] and Ubuntu [6].

Thx, bye,
Gismo / Luca

Footnotes: 
[1] http://bugs.debian.org/431276
[2] http://bugs.debian.org/506677
[3] http://bugs.debian.org/299007
[4] http://bugs.debian.org/484841
[5] http://bugs.debian.org/504516
[6] https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/13795


_______________________________________________
Smartphones-userland mailing list
Smartphones-userland@linuxtogo.org
http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/smartphones-userland
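
Added example, not part of the original mail or of the FSO code: a small audit that checks the proposed daemon-to-group map against rules 1 and 2 from the quoted mail. It assumes the serial node is root:dialout with mode 0660 and that the D-Bus policy for ogsmd is keyed on a single group; the group names "fso-gsm" and "fso-tel" used in the test are hypothetical.

```python
# Added example: audit a daemon -> group map against least-privilege rules.
# Group names come from the proposed map in the mail; the 0660 root:dialout
# serial node and the group-keyed D-Bus policy are assumptions of this sketch.
import stat

PROPOSED = {  # daemon -> group, as listed in the mail
    "odeviced": "daemon", "oeventsd": "messagebus", "ogpsd": "dialout",
    "ogsmd": "dialout", "onetworkd": "netdev", "ophoned": "dialout",
    "opimd": "dialout", "opreferencesd": "staff", "otimed": "staff",
    "ousaged": "adm",
}

# Rules 1 and 2 from the quoted mail: resource -> daemons allowed to use it.
RULES = {
    "serial device node": {"ogsmd"},
    "D-Bus calls to ogsmd": {"ophoned", "opimd"},
}

def group_can_open(mode, node_group, daemon_group):
    """True if membership in daemon_group grants read+write on the node."""
    rw = stat.S_IRGRP | stat.S_IWGRP
    return daemon_group == node_group and (mode & rw) == rw

def effective_access(daemon_map, node_mode=0o660, node_group="dialout",
                     bus_policy_group="dialout"):
    """Who actually gets access when both controls are keyed on one group."""
    serial = {d for d, g in daemon_map.items()
              if group_can_open(node_mode, node_group, g)}
    # A <policy group="..."> rule admits every process running with that group.
    callers = {d for d, g in daemon_map.items()
               if g == bus_policy_group and d != "ogsmd"}
    return {"serial device node": serial, "D-Bus calls to ogsmd": callers}

def over_grants(daemon_map, rules=RULES, **kw):
    """Daemons that get access a rule did not intend, per resource."""
    actual = effective_access(daemon_map, **kw)
    return {res: sorted(actual[res] - allowed) for res, allowed in rules.items()}

if __name__ == "__main__":
    for res, extra in over_grants(PROPOSED).items():
        print(f"{res}: unintended access for {extra or 'nobody'}")
```

With one shared group, every dialout member can open the serial node and pass a group-keyed bus policy; giving ogsmd and its callers separate groups removes the overlap.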
