projects
/
systembsd.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c7028b1
)
add deny clause in hostnamed sysbus policy
author
kremlin
<ian@kremlin.cc>
Fri, 8 Aug 2014 05:21:34 +0000
(
00:21
-0500)
committer
kremlin
<ian@kremlin.cc>
Fri, 8 Aug 2014 05:21:34 +0000
(
00:21
-0500)
add a <deny> statement to prevent regular users from invoking any
methods on hostname1's interface, which all set details only root
should be able to set
conf/sysbus-policy/hostnamed-dbus.conf
patch
|
blob
|
blame
|
history
diff --git
a/conf/sysbus-policy/hostnamed-dbus.conf
b/conf/sysbus-policy/hostnamed-dbus.conf
index ea11b9d2b3e1490c9a0fa1f4d450306e72d7ec87..9c4fa4101f6d7d56c98244f1a6f302cd82450069 100644
(file)
--- a/
conf/sysbus-policy/hostnamed-dbus.conf
+++ b/
conf/sysbus-policy/hostnamed-dbus.conf
@@
-10,5
+10,9
@@
<policy context="default">
<allow send_destination="org.freedesktop.hostname1"/>
<allow receive_sender="org.freedesktop.hostname1"/>
+
+ <deny send_destination="org.freedesktop.hostname1"
+ send_interface="org.freedesktop.hostname1"
+ send_type="method_call"/>
</policy>
</busconfig>