diff options
author | sanghyeok.oh <sanghyeok.oh@samsung.com> | 2017-08-08 17:47:37 +0900 |
---|---|---|
committer | sanghyeok oh <sanghyeok.oh@samsung.com> | 2017-08-08 09:02:58 +0000 |
commit | 384e79144c6a37a58025819b95c48853d41e9681 (patch) | |
tree | 0a9f8cb60124aa2ebd0b39f3b8f2d1b26b885e03 /src | |
parent | fd3573b27dcecd10afaaabada6892a0e65974e44 (diff) | |
download | connman-384e79144c6a37a58025819b95c48853d41e9681.tar.gz connman-384e79144c6a37a58025819b95c48853d41e9681.tar.bz2 connman-384e79144c6a37a58025819b95c48853d41e9681.zip |
dbus: modify dbus policy configuration
<allow send_type="signal"/> can affect every other process(uid root or network_fw),
This can cause abnormal behavior against other dbus services.
So, remove this rule from dbus conf.
Sending signal to net.connman is allowed by this rule,
'<allow send_destination="net.connman"/>'
After all, there are no behavior changes.
Change-Id: I7668deeaa33ae14181c64d0a85a049fa2387657b
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/connman.conf | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/connman.conf b/src/connman.conf index f3bde768..0b6b77f9 100644 --- a/src/connman.conf +++ b/src/connman.conf @@ -4,14 +4,16 @@ <policy user="root"> <allow own="net.connman"/> <allow send_destination="net.connman"/> - <allow send_type="signal"/> </policy> <policy user="network_fw"> <allow own="net.connman"/> <allow send_destination="net.connman"/> - <allow send_type="signal"/> </policy> <policy context="default"> + <deny own="net.connman"/> + <deny send_destination="net.connman"/> + <allow send_destination="net.connman" send_type="signal"/> + <check send_destination="net.connman" send_interface="net.connman.Manager" send_member="GetTechnologies" privilege="http://tizen.org/privilege/network.get" /> <check send_destination="net.connman" send_interface="net.connman.Manager" send_member="GetProperties" privilege="http://tizen.org/privilege/network.get" /> <check send_destination="net.connman" send_interface="net.connman.Manager" send_member="GetServices" privilege="http://tizen.org/privilege/network.get" /> |