wicd

Merge lp://staging/~rworkman/wicd/trunk-rw into lp://staging/wicd/1.6

  1. trunk-rw
  2. Merge into experimental
Proposed by Robby Workman
Status: Rejected
Rejected by: Adam Blackburn
Proposed branch: lp://staging/~rworkman/wicd/trunk-rw
Merge into: lp://staging/wicd/1.6
Diff against target: None lines
To merge this branch: bzr merge lp://staging/~rworkman/wicd/trunk-rw
Reviewer Review Type Date Requested Status
Wicd-devel Pending
Review via email: mp+8361@code.staging.launchpad.net
To post a comment you must log in.
Revision history for this message
Robby Workman (rworkman) wrote :

I think the log entries comment this pretty well.
I won't go so far as to call this a security bug, but I suspect some might.
There might also be some complaining that a wicd which used to work doesn't any more.

Revision history for this message
Adam Blackburn (adamblackburn) wrote :

While this may be useful in some cases, I'm going to reject it because I think that ease of use is more important than security of network keys for most people.

In addition, anyone who has physical access to the machine (which is needed for at_console="true" to apply) already can get the network keys if they so desire.

I have merged up to r438 from this branch into lp:wicd as it does not change anything from the user's standpoint.

This branch may be useful to distro maintainers who wish to remove the at_console="true" flag from the DBus configuration file.

Unmerged revisions

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'in/other=wicd.conf.in'
2--- in/other=wicd.conf.in 2008-12-23 07:47:53 +0000
3+++ in/other=wicd.conf.in 2009-07-08 03:37:30 +0000
4@@ -11,20 +11,6 @@
5 <allow send_interface="org.wicd.daemon.wireless"/>
6 <allow send_destination="org.wicd.daemon.wired"/>
7 <allow send_interface="org.wicd.daemon.wired"/>
8- <allow send_destination="org.wicd.daemon.config"/>
9- <allow send_interface="org.wicd.daemon.config"/>
10- </policy>
11-
12- <policy at_console="true">
13- <allow send_destination="org.wicd.daemon"/>
14- <allow send_interface="org.wicd.daemon"/>
15- <allow send_destination="org.wicd.daemon.wireless"/>
16- <allow send_interface="org.wicd.daemon.wireless"/>
17- <allow send_destination="org.wicd.daemon.wired"/>
18- <allow send_interface="org.wicd.daemon.wired"/>
19- <allow send_destination="org.wicd.daemon.config"/>
20- <allow send_interface="org.wicd.daemon.config"/>
21- <allow send_interface="org.freedesktop.DBus.Introspectable"/>
22 </policy>
23
24 <policy context="default">
25@@ -38,4 +24,20 @@
26 <allow send_interface="org.wicd.daemon"/>
27 </policy>
28
29+ <!-- Uncomment the block below if you want all users logged in locally
30+ to have permission to use wicd-client. This ignores the group
31+ based permission model defined above for the "%WICDGROUP%" group.
32+ Note that this only applies if you are using ConsoleKit - if you
33+ do not have ConsoleKit installed and in use, then this block makes
34+ no difference either way. -->
35+ <!-- <policy at_console="true">
36+ <allow send_destination="org.wicd.daemon"/>
37+ <allow send_interface="org.wicd.daemon"/>
38+ <allow send_destination="org.wicd.daemon.wireless"/>
39+ <allow send_interface="org.wicd.daemon.wireless"/>
40+ <allow send_destination="org.wicd.daemon.wired"/>
41+ <allow send_interface="org.wicd.daemon.wired"/>
42+ <allow send_interface="org.freedesktop.DBus.Introspectable"/>
43+ </policy> -->
44+
45 </busconfig>

Subscribers

People subscribed via source and target branches

to status/vote changes: