Re: [PATCH BlueZ 0/2] Add device_set_trusted()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Bastien,

On Fri, Feb 15, 2013, Bastien Nocera wrote:
> > This patch set makes me a bit uneasy since setting a device as trusted
> > is a security sensitive operation. My initial reaction is that this
> > should only be done through explicit user interaction, i.e. through the
> > D-Bus interface.
> 
> How is using D-Bus interface "user interaction"? It's not any more user
> interaction than doing it this way, which avoid going out through the
> public interface for something we are setting up ourselves.

Typically you'd get a pop-up dialog on the next connect attempt from
this device "accept connection from foo?" with a check-box or similar to
elect setting it as trusted. Alternatively the stuff that this plugin
does upon initial device setup could cause a similar pop-up dialog to be
presented to the user.

> >  I'm also worried that plugins will start misusing this
> > API once it's available.
> 
> I think that it's completely fair for plugins that *do* set up devices
> to call this function. That's what the plugin is all about. Seeing as
> devices should be marked as trusted to be usable, I see no reason that
> this shouldn't be done automatically.

How does the plugin that this API is primarily targeted for setup the
device? Does it do it through some physical connection like USB? In such
a case it's probably fine to skip the user interaction part since if
you've got physical access to the device there are much severe security
issues to consider.

Johan
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Bluez Devel]     [Linux Wireless Networking]     [Linux Wireless Personal Area Networking]     [Linux ATH6KL]     [Linux USB Devel]     [Linux Media Drivers]     [Linux Audio Users]     [Linux Kernel]     [Linux SCSI]     [Big List of Linux Books]

  Powered by Linux