On Wed, Jan 7, 2009 at 3:09 PM, Simon McVittie <simon.mcvit...@collabora.co.uk> wrote: > > As far as I can tell, BlueZ agents work like this: > > * the agent (a UI process run by a user) calls a method on the hci daemon (run > by root) and passes in its unique name and its (arbitrary) object path > * later, the hci daemon calls a method on the agent > > so the only thing that can be relied on is that when the hci daemon calls > the method, it's on the org.bluez.Agent interface!
Urf. Can we just change this to use signals? Signals can be sent to a particular destination only (I'm pretty sure). > Mitigating factor: the hci daemon runs as root, so only root needs > permission to call arbitrary methods from the Agent interface on > arbitrary processes at arbitrary object paths, and root can ptrace or > impersonate hcid (or indeed dbus-daemon) anyway. In the absence of extended security systems like SELinux, yes. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
