Re: Do we have plan to do finer grained PolicyKit support for Networkmanager?



On Thu, 2009-09-10 at 14:13 +0800, Lance Wang wrote:
> Hi Dan
> 
> On Fri, Sep 4, 2009 at 1:29 AM, Dan Williams <dcbw redhat com> wrote:
> > On Tue, 2009-09-01 at 15:12 +0800, Bin Li wrote:
> 
> 
> 
> >>   There's only org.freedesktop.network-manager-settings.system.modify;
> >> introduce something like
> >> org.freedesktop.network-manager-settings.user.modify so NM can
> >> determine whether it should accept user settings.
> >>
> >>   Also, we could split the action into finer-grained ones, such as
> >> org.freedesktop.network-manager-settings.system.modify
> >> org.freedesktop.network-manager-settings.system.add
> >> org.freedesktop.network-manager-settings.system.delete
> >
> > I thought about that, but can't see a use-case.  If you can *add*
> > connections, then that's the same thing as modifying them.  It makes no
> > sense to deny modify, but allow add, since the user could just add the
> > connection they wanted instead of modifying an existing one.  Delete by
> > itself also doesn't make a lot of sense.  I view the three permissions
> > as a unit because in reality, I can't think of cases where you'd
> > actually need to split them up.
> >
> 
> But maybe we could separate the action according to the type of the
> connection. For example, they might look like this:
> 
> org.freedesktop.network-manager-settings.system.wired.modify
> org.freedesktop.network-manager-settings.system.wireless.modify
> org.freedesktop.network-manager-settings.system.mobile.modify
> org.freedesktop.network-manager-settings.system.vpn.modify
> org.freedesktop.network-manager-settings.system.dsl.modify

That's not a bad idea, though what kind of situation would allow users
to modify Ethernet connections but not 3G or wifi ones?  Just trying to
understand the use-cases here.

> .
> 
> >> and the same for .user .
> >>
> >>
> >> And you may even want to specifically allow or disallow adding for
> >> specific network types like wired, wireless, VPN, etc.
> >
> > Definitely.  There are now permissions in the system settings service
> > that the UI can check for, and this sort of thing would be used to allow
> > the UI to intelligently enable/disable elements.
> 
> So which permissions in the system settings service do you mean?
> I am afraid that it is possible to go around them through D-Bus
> directly instead of the UI.

I don't think that's possible; NetworkManager requires authorization of
the requestor, even from the command-line, before it will allow
modification of the system connection.  The permissions and policy are
not just a UI thing.

> Because you can send anything to the interface
> org.freedesktop.NetworkManagerSettings.System
> if you get authorised.

Not quite, there are a few levels of permissions here.  D-Bus
permissions can restrict access on a coarse-grained level based on user,
but PolicyKit can restrict/allow access on a much finer-grained level.
NetworkManager utilizes both methods.  So even if you are authorized to
send a message (via D-Bus permissions), you're not necessarily
authorized to perform the action contained in that message
(authorization would be gained by presenting the right credentials to
PolicyKit).

Dan
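
The two authorization layers described in the message above, as an added model that is not part of the original thread and is not NetworkManager's code. The class names, uids and result strings are hypothetical, and the per-type action ids are only the ones proposed in the thread, not existing PolicyKit actions.

```python
from dataclasses import dataclass

PREFIX = "org.freedesktop.network-manager-settings.system"
SYSTEM_MODIFY = PREFIX + ".modify"  # the one action id the thread says exists

@dataclass(frozen=True)
class Caller:
    uid: int
    polkit_grants: frozenset = frozenset()  # action ids granted (constructed)

class SettingsService:
    """Hypothetical model of a system settings service with two checks."""

    def __init__(self, bus_allowed_uids, per_type_actions=False):
        self.bus_allowed_uids = set(bus_allowed_uids)  # layer 1: coarse, per user
        self.per_type_actions = per_type_actions       # layer 2 granularity

    def required_action(self, conn_type):
        if self.per_type_actions:
            # Per-type split as proposed in the thread (not an existing action).
            return f"{PREFIX}.{conn_type}.modify"
        return SYSTEM_MODIFY

    def modify(self, caller, conn_type):
        # Layer 1: may this user send to the interface at all?
        if caller.uid not in self.bus_allowed_uids:
            return "rejected-by-bus-policy"
        # Layer 2: checked in the service, so UI and raw D-Bus callers hit it alike.
        if self.required_action(conn_type) not in caller.polkit_grants:
            return "not-authorized"
        return "modified"

def demo():
    # Constructed callers: every uid and grant below is sample data.
    svc = SettingsService(bus_allowed_uids={1000, 1001})
    typed = SettingsService(bus_allowed_uids={1000}, per_type_actions=True)
    admin = Caller(1000, frozenset({SYSTEM_MODIFY}))
    outsider = Caller(2000, frozenset({SYSTEM_MODIFY}))
    wired_only = Caller(1000, frozenset({typed.required_action("wired")}))
    return {
        "admin": svc.modify(admin, "wired"),
        "plain": svc.modify(Caller(1001), "wired"),
        "outsider": svc.modify(outsider, "wired"),
        "wired_only/wired": typed.modify(wired_only, "wired"),
        "wired_only/wireless": typed.modify(wired_only, "wireless"),
    }

if __name__ == "__main__":
    print(demo())
```

The "plain" caller is the case raised in the quoted question: it is allowed to send the message but holds no authorization for the action, so the request is refused by the service regardless of which client sent it.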



