Re: setEnvironmentVariable DBus method for wpasupplicant

[Jouni Malinen <j w1 fi>]

On Thu, Jul 24, 2008 at 02:29:32AM +0900, David Smith wrote:

> For implementing PKCS#11 support in the network manager gnome applet
> using gnome keyring as the backing store, it's necessary to tell
> wpasupplicant the environment variable of GNOME_KEYRING_SOCKET before
> loading the gnome keyring PKCS#11 library. This socket will be protected
> to the local user, but since wpasupplicant must run as root, it should
> be able to access it and indeed it must.

wpa_supplicant can actually be run without root capabilities when using
privacy separation. However, that may not be of much help here. Using
environment variable for this type of configuration for a library sounds
a bit odd, but maybe there is no better way of passing that information.

> Attached is a patch to add a DBus interface to set environment variables
> in wpasupplicant. I hope this is an acceptable compromise. In the long
> term, a better interface from keyring might be made available and then
> any necessary changes to wpasupplicant could be made at that time, but
> for now this is a rather trivial addition that would primarily be useful
> for working with the current implementation.

I have to say that I don't really like this at all.. If I understood the
design correctly, it may indeed be necessary to be able to set
GNOME_KEYRING_SOCKET. However, I don't see need for setting any other
environment variable. I would certainly prefer to do this in some other
way, but if this is the only feasible one, I would be fine with a
compromise that adds a new DBus command for setting GNOME_KEYRING_SOCKET
(i.e., just this particular environment variable, not arbitrary
variables). I would rather not go through the details of what external
programs could do by setting some other variables and as such, it would
be simpler to just limit this to a single variable as a workaround for
the particular issue.

-- 
Jouni Malinen                                            PGP id EFC895FA