summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDan Williams <dcbw@redhat.com>2014-01-09 12:10:31 -0600
committerDan Williams <dcbw@redhat.com>2014-01-23 16:48:19 -0600
commit7e0f94f0f5a40cda3ab012069f98fafb77ddfd6d (patch)
treed8fa4bb32895c57b4cae33f3a368e2051c94a7ae
parentf0149b637252fce800885de9039a473dbb1937de (diff)
downloadNetworkManager-7e0f94f0f5a40cda3ab012069f98fafb77ddfd6d.tar.gz
dbus: kill at_console usage in permissions (bgo #707983) (rh #979416)
at_console permissions as implemented by D-Bus have some problems: 1) it is now fully redundant with PolicyKit and session tracking via systemd/ConsoleKit 2) it uses a different mechanism than PolicyKit or systemd to determine sessions and whether the user is on local or not (pam_console) 3) it was never widely implemented across so removing it harmonizes D-Bus permissions on all supported distros To that end, remove the at_console section of the D-Bus permissions, and rely on session-tracking and PolicyKit to ensure operations are locked down. No changes are being made to PolicyKit or session-tracking, so any operations denied by those mechanisms are still denied, and no permissions are being relaxed. Instead, this should allow remote users who log in via remote desktop or SSH to inspect network state, change connection parameters, and start/stop interfaces. Obviously if you are remote, you should not touch the interface which your connection is using, but that concern shouldn't prevent all the other nice stuff that you can do with NM. https://bugzilla.gnome.org/show_bug.cgi?id=707983 https://bugzilla.redhat.com/show_bug.cgi?id=979416
Diffstat
-rw-r--r--src/org.freedesktop.NetworkManager.conf114
1 files changed, 60 insertions, 54 deletions
diff --git a/src/org.freedesktop.NetworkManager.conf b/src/org.freedesktop.NetworkManager.conf
index db68374cc8..bdfe3e6773 100644
--- a/src/org.freedesktop.NetworkManager.conf
+++ b/src/org.freedesktop.NetworkManager.conf
@@ -26,93 +26,99 @@
<allow send_destination="org.freedesktop.NetworkManager.ssh"/>
<allow send_destination="org.freedesktop.NetworkManager.iodine"/>
</policy>
- <policy at_console="true">
- <allow send_destination="org.freedesktop.NetworkManager"/>
+ <policy context="default">
+ <deny own="org.freedesktop.NetworkManager"/>
+ <deny send_destination="org.freedesktop.NetworkManager"/>
+
+ <!-- Basic D-Bus API stuff -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Introspectable"/>
-
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.DBus.Properties"/>
+ <!-- Devices (read-only properties, no methods) -->
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"/>
-
+ send_interface="org.freedesktop.NetworkManager.Device.Adsl"/>
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
-
+ send_interface="org.freedesktop.NetworkManager.Device.Bond"/>
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
-
+ send_interface="org.freedesktop.NetworkManager.Device.Bridge"/>
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager.Device.Modem"/>
-
+ send_interface="org.freedesktop.NetworkManager.Device.Bluetooth"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wired"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Generic"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Gre"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Infiniband"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Macvlan"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Modem"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.OlpcMesh"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Team"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Tun"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Veth"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Device.Vlan"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.WiMax.Nsp"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.AccessPoint"/>
+ <!-- Devices (read-only, no security required) -->
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager.Device.Serial"/>
+ send_interface="org.freedesktop.NetworkManager.Device.WiMax"/>
+ <!-- Devices (read/write, secured with PolicyKit) -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device.Wireless"/>
-
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Device"/>
+ <!-- Core stuff (read-only properties, no methods) -->
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Connection.Active"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.DHCP4Config"/>
-
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.DHCP6Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.IP4Config"/>
-
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.IP6Config"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.VPN.Connection"/>
+ <!-- Core stuff (read/write, secured with PolicyKit) -->
<allow send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager.AgentManager"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="SetLogging"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="Sleep"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="sleep"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="wake"/>
- </policy>
- <policy context="default">
- <deny own="org.freedesktop.NetworkManager"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"/>
-
+ send_interface="org.freedesktop.NetworkManager"/>
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.Settings"/>
+ <allow send_destination="org.freedesktop.NetworkManager"
+ send_interface="org.freedesktop.NetworkManager.Settings.Connection"/>
+ <!-- Agents; secured with PolicyKit. Any process can talk to
+ the AgentManager API, but only NetworkManager can talk
+ to the agents themselves. -->
<allow send_destination="org.freedesktop.NetworkManager"
send_interface="org.freedesktop.NetworkManager.AgentManager"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="SetLogging"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="Sleep"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="sleep"/>
-
- <deny send_destination="org.freedesktop.NetworkManager"
- send_interface="org.freedesktop.NetworkManager"
- send_member="wake"/>
+ <deny send_interface="org.freedesktop.NetworkManager.SecretAgent"/>
+
+ <!-- Root-only functions -->
+ <deny send_interface="org.freedesktop.NetworkManager" send_member="SetLogging"/>
+ <deny send_interface="org.freedesktop.NetworkManager" send_member="Sleep"/>
+ <deny send_interface="org.freedesktop.NetworkManager.Settings" send_member="LoadConnections"/>
+ <deny send_interface="org.freedesktop.NetworkManager.Settings" send_member="ReloadConnections"/>
+ <deny send_interface="org.freedesktop.NetworkManager.VPN.Plugin"/>
+ <deny send_interface="org.freedesktop.NetworkManager.PPP"/>
</policy>
</busconfig>
View Lorry Controller Status