[RESEND PATCH] wpa_supplicant: don't do <deny send_interface="..." /> in dbus service file

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It does more than intended; apart from denying messages to that particular
interface it also denies all messages non-qualified with an interface globally.
This blocks messages completely unrelated to wpa_supplicant, such as
NetworkManager communication with the VPN plugins.

>From the dbus-daemon manual:

  Be careful with send_interface/receive_interface, because the
  interface field in messages is optional. In particular, do NOT
  specify <deny send_interface="org.foo.Bar"/>! This will cause
  no-interface messages to be blocked for all services, which is almost
  certainly not what you intended. Always use rules of the form: <deny
  send_interface="org.foo.Bar" send_destination="org.foo.Service"/>

We can just safely remove those rules, since we're sufficiently protected
by the send_destination matches and method calls are disallowed by default
anyway.

Signed-off-by: Lubomir Rintel <lkundrak@xxxxx>
---

Clarified the commit message a bit compared to the previous posting.

 wpa_supplicant/dbus/dbus-wpa_supplicant.conf | 2 --
 1 file changed, 2 deletions(-)

diff --git a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
index c091234..382dcb3 100644
--- a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
+++ b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
@@ -17,11 +17,9 @@
         <policy context="default">
                 <deny own="fi.epitest.hostap.WPASupplicant"/>
                 <deny send_destination="fi.epitest.hostap.WPASupplicant"/>
-                <deny send_interface="fi.epitest.hostap.WPASupplicant"/>
 
                 <deny own="fi.w1.wpa_supplicant1"/>
                 <deny send_destination="fi.w1.wpa_supplicant1"/>
-                <deny send_interface="fi.w1.wpa_supplicant1"/>
                 <deny receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
         </policy>
 </busconfig>
-- 
2.5.0


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux