|
|
ae491f |
From df9e2c2a55eec199ba2c624897df22bfa48fa318 Mon Sep 17 00:00:00 2001
|
|
|
ae491f |
From: Lubomir Rintel <lkundrak@v3.sk>
|
|
|
ae491f |
Date: Wed, 27 Jan 2016 17:02:07 +0100
|
|
|
ae491f |
Subject: D-Bus: Don't do <deny send_interface="..." /> in dbus service file
|
|
|
ae491f |
|
|
|
ae491f |
It does more than intended; apart from denying messages to that
|
|
|
ae491f |
particular interface it also denies all messages non-qualified with an
|
|
|
ae491f |
interface globally. This blocks messages completely unrelated to
|
|
|
ae491f |
wpa_supplicant, such as NetworkManager communication with the VPN
|
|
|
ae491f |
plugins.
|
|
|
ae491f |
|
|
|
ae491f |
From the dbus-daemon manual:
|
|
|
ae491f |
|
|
|
ae491f |
Be careful with send_interface/receive_interface, because the
|
|
|
ae491f |
interface field in messages is optional. In particular, do NOT
|
|
|
ae491f |
specify <deny send_interface="org.foo.Bar"/>! This will cause
|
|
|
ae491f |
no-interface messages to be blocked for all services, which is almost
|
|
|
ae491f |
certainly not what you intended. Always use rules of the form:
|
|
|
ae491f |
send_interface="org.foo.Bar" send_destination="org.foo.Service"/>
|
|
|
ae491f |
|
|
|
ae491f |
We can just safely remove those rules, since we're sufficiently
|
|
|
ae491f |
protected by the send_destination matches and method calls are
|
|
|
ae491f |
disallowed by default anyway.
|
|
|
ae491f |
|
|
|
ae491f |
Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
|
|
|
ae491f |
---
|
|
|
ae491f |
wpa_supplicant/dbus/dbus-wpa_supplicant.conf | 2 --
|
|
|
ae491f |
1 file changed, 2 deletions(-)
|
|
|
ae491f |
|
|
|
ae491f |
diff --git a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
|
|
|
ae491f |
index c091234..382dcb3 100644
|
|
|
ae491f |
--- a/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
|
|
|
ae491f |
+++ b/wpa_supplicant/dbus/dbus-wpa_supplicant.conf
|
|
|
ae491f |
@@ -17,11 +17,9 @@
|
|
|
ae491f |
<policy context="default">
|
|
|
ae491f |
<deny own="fi.epitest.hostap.WPASupplicant"/>
|
|
|
ae491f |
<deny send_destination="fi.epitest.hostap.WPASupplicant"/>
|
|
|
ae491f |
- <deny send_interface="fi.epitest.hostap.WPASupplicant"/>
|
|
|
ae491f |
|
|
|
ae491f |
<deny own="fi.w1.wpa_supplicant1"/>
|
|
|
ae491f |
<deny send_destination="fi.w1.wpa_supplicant1"/>
|
|
|
ae491f |
- <deny send_interface="fi.w1.wpa_supplicant1"/>
|
|
|
ae491f |
<deny receive_sender="fi.w1.wpa_supplicant1" receive_type="signal"/>
|
|
|
ae491f |
</policy>
|
|
|
ae491f |
</busconfig>
|
|
|
ae491f |
--
|
|
|
ae491f |
cgit v0.12
|
|
|
ae491f |
|