Re: Do we have plan to do finer grained PolicyKit support for Networkmanager?



On Fri, Sep 18, 2009 at 16:10, Lance Wang <lance w19 gmail com> wrote:
> On Thu, Sep 17, 2009 at 2:11 PM, Tambet Ingo <tambet gmail com> wrote:
>> On Thu, Sep 17, 2009 at 06:16, Bin Li <libin charles gmail com> wrote:
>>>  To disallow users to define their own network configuration, I add a new
>>> permission, org.freedesktop.network-manager-settings.user.modify, then link
>>> to the add button, when the user has permission, he can add it, vice versa.
>>> I've met a problem, the user's connection is saved in the gconf, and the user
>>> can change the gconf with gconftool-2 without permission checking.
>>>  So is there any method to resolve this problem? And is it okay to do like
>>> this? Any idea?
>>
>> This makes no sense. You can already lock GConf so there's no need to
>> do anything for user settings. Just lock the /system/networking path
>> in gconf and the settings can't be changed. The only thing you could
>> improve, is to make sure nm-applet and nm-connection-editor handle it
>> more gracefully, ie "gray out" the apply button etc...
>>
>
> It makes no sense that "gray out" the apply button etc, I think,

I'm sorry if I offended you, I didn't mean to.

> when the /system/networking path is locked. Because if it is locked
> all buttons should be grayed out. Maybe we should not show the
> nm-connection-editor, as on average if someone was not permitted to
> modify user settings, he or she would be denied to modify the system
> settings.
>
> And another aspect. I think we should leave the control in the
> NetworkManager side. As far as I know, all settings should be applied
> through NetworkManager. If we just lock gconf, people with malicious
> intent can still use modified nm-applet to apply the user settings
> they want. So I think there may be a policy action such as
> org.freedesktop.network-manager-settings.user.apply. Every time
> NetworkManager receives the request to apply the user settings, it
> should check the action. And nm-connection-editor also checks the
> action to set the button status. Furthermore maybe we split the
> policy to org.freedesktop.network-manager-settings.user.wired.apply
> org.freedesktop.network-manager-settings.user.wireless.apply
> org.freedesktop.network-manager-settings.user.vpn.apply etc...
>
> What do you think?

I think in situations you describe NM should not accept user
connections at all and rely only on system settings that already need
root privileges to change. I don't see why we need two duplicate
systems for controlling one thing.

Tambet

