diff options
| author | Danny Kukawka <danny.kukawka@web.de> | 2009-01-22 14:21:15 +0100 |
|---|---|---|
| committer | Danny Kukawka <danny.kukawka@web.de> | 2009-01-22 14:21:15 +0100 |
| commit | 8b56ff46e57bb9b5cb7d923c21b8c98cd19d487e (patch) | |
| tree | 61ca6bbacf2cffa4808ccabb8a8daa9908b8479e | |
| parent | 98c458e250ddd6209dc1f2110ff67481a94421ff (diff) | |
fixed HAL D-Bus config: added send_destination for all interfaces
Fixed HAL D-Bus config due to D-Bus changes caused by CVE-2008-4311.
Added send_destination="org.freedesktop.Hal" for all exported
interfaces as recommended here:
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/318783
" [...]
*IMPORTANT* you MUST include send_destination on ALL allow or deny
tags. Omitting it is a SERIOUS bug!
<!-- !! SERIOUS BUG !! -->
<allow send_interface="x.y.z" />
This allows any service to receive method calls of the given
interface, not just your own service!
It also implicitly allows any service to receive method calls
with no interface specified, in case they match this interface!
[...] "
| -rw-r--r-- | hal.conf.in | 47 |
1 files changed, 31 insertions, 16 deletions
diff --git a/hal.conf.in b/hal.conf.in index 4fee9adb..403465ef 100644 --- a/hal.conf.in +++ b/hal.conf.in @@ -21,22 +21,37 @@ <allow send_destination="org.freedesktop.Hal" send_interface="org.freedesktop.DBus.Properties" /> - <allow send_interface="org.freedesktop.Hal.Device"/> - <allow send_interface="org.freedesktop.Hal.Manager"/> - - <allow send_interface="org.freedesktop.Hal.Device.CPUFreq"/> - <allow send_interface="org.freedesktop.Hal.Device.DockStation"/> - <allow send_interface="org.freedesktop.Hal.Device.KillSwitch"/> - <allow send_interface="org.freedesktop.Hal.Device.KeyboardBacklight"/> - <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/> - <allow send_interface="org.freedesktop.Hal.Device.Leds"/> - <allow send_interface="org.freedesktop.Hal.Device.LightSensor"/> - <allow send_interface="org.freedesktop.Hal.Device.Storage"/> - <allow send_interface="org.freedesktop.Hal.Device.Storage.Removable"/> - <allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/> - <allow send_interface="org.freedesktop.Hal.Device.Volume"/> - <allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/> - <allow send_interface="org.freedesktop.Hal.Device.WakeOnLan"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Manager"/> + + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.CPUFreq"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.DockStation"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.KillSwitch"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.KeyboardBacklight"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.LaptopPanel"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Leds"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.LightSensor"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Storage"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Storage.Removable"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Volume"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/> + <allow send_destination="org.freedesktop.Hal" + send_interface="org.freedesktop.Hal.Device.WakeOnLan"/> </policy> |