Hi Marcel,
In the new service interface, hcid will work as a proxy routing
messages from/to clients to service agents. We added verifications
based on the message sender field in the hcid, but it is missing add
some security verification in the service agent side. If someone
wants to send a message directly to the service agent it is possible!
eg:
dbus-send --system --dest=":1.5" --type=method_call --print-reply
/org/bluez/service_agent_12094 org.bluez.ServiceAgent.Start
I started the investigation how avoid clients send messages directly
to the Service Agents. I don't think it's possible add rules in the
/etc/dbus-1/system.d/bluetooth.conf file to block that. Do you know
how create this rule? It is possible? (As long as I can remember our
last discussion, service agents will not have D-Bus configuration
files.)
Another option is let the Service Agent check this, I mean extract the
sender and only accept message from the hcid. We have the same problem
with authorization and passkey agents.
Comments? Is it really necessary check this or we can leave it open?
BR,
Claudio.
--
---------------------------------------------------------
Claudio Takahasi
Instituto Nokia de Tecnologia - INdT
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bluez-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-devel
Hi Claudio,
> In the new service interface, hcid will work as a proxy routing
> messages from/to clients to service agents. We added verifications
> based on the message sender field in the hcid, but it is missing add
> some security verification in the service agent side. If someone
> wants to send a message directly to the service agent it is possible!
> eg:
> dbus-send --system --dest=":1.5" --type=method_call --print-reply
> /org/bluez/service_agent_12094 org.bluez.ServiceAgent.Start
>
> I started the investigation how avoid clients send messages directly
> to the Service Agents. I don't think it's possible add rules in the
> /etc/dbus-1/system.d/bluetooth.conf file to block that. Do you know
> how create this rule? It is possible? (As long as I can remember our
> last discussion, service agents will not have D-Bus configuration
> files.)
>
> Another option is let the Service Agent check this, I mean extract the
> sender and only accept message from the hcid. We have the same problem
> with authorization and passkey agents.
>
> Comments? Is it really necessary check this or we can leave it open?
I don't know how to create the rule, but the agent implementation should
not be bothered at all. If we need to have a config file per agent, then
this is also not a big problem. An agent that is serious about security
will implement such config file.
Regards
Marcel
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Bluez-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/bluez-devel