Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
aboutsummaryrefslogtreecommitdiff
path: root/hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch
diff options
context:
space:
mode:
authorsteev <steev@cypher.ubersekret.info>2009-02-05 14:23:38 -0600
committersteev <steev@cypher.ubersekret.info>2009-02-05 14:23:38 -0600
commit8a34b074db1e60dbdd46c64120ab01eb17252b90 (patch)
tree2911bab58cb712c73c9e79b671c427231517a5c2 /hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch
parentinitialize repository (diff)
downloadgentoo-hal-master.tar.gz
gentoo-hal-master.tar.bz2
gentoo-hal-master.zip
Add patches and examplesHEADmaster
Diffstat (limited to 'hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch')
-rw-r--r--hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch87
1 files changed, 87 insertions, 0 deletions
diff --git a/hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch b/hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch
new file mode 100644
index 00000000..c1f45034
--- /dev/null
+++ b/hal-0.5.11-patches/0043-fixed-HAL-D-Bus-config-added-send_destination-for-a.patch
@@ -0,0 +1,87 @@
+From 88691aea52226043552837ef8bd0375786ea9f86 Mon Sep 17 00:00:00 2001
+From: Danny Kukawka <danny.kukawka@web.de>
+Date: Thu, 22 Jan 2009 14:21:15 +0100
+Subject: [PATCH 43/48] fixed HAL D-Bus config: added send_destination for all interfaces
+
+Fixed HAL D-Bus config due to D-Bus changes caused by CVE-2008-4311.
+Added send_destination="org.freedesktop.Hal" for all exported
+interfaces as recommended here:
+https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/318783
+
+" [...]
+*IMPORTANT* you MUST include send_destination on ALL allow or deny
+tags. Omitting it is a SERIOUS bug!
+
+ <!-- !! SERIOUS BUG !! -->
+ <allow send_interface="x.y.z" />
+
+This allows any service to receive method calls of the given
+interface, not just your own service!
+
+It also implicitly allows any service to receive method calls
+with no interface specified, in case they match this interface!
+[...] "
+---
+ hal.conf.in | 45 ++++++++++++++++++++++++++++++---------------
+ 1 files changed, 30 insertions(+), 15 deletions(-)
+
+diff --git a/hal.conf.in b/hal.conf.in
+index 6790ee9..bfd6511 100644
+--- a/hal.conf.in
++++ b/hal.conf.in
+@@ -19,22 +19,37 @@
+ <allow send_destination="org.freedesktop.Hal"
+ send_interface="org.freedesktop.DBus.Introspectable"/>
+
+- <allow send_interface="org.freedesktop.Hal.Device"/>
+- <allow send_interface="org.freedesktop.Hal.Manager"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Manager"/>
+
+- <allow send_interface="org.freedesktop.Hal.Device.CPUFreq"/>
+- <allow send_interface="org.freedesktop.Hal.Device.DockStation"/>
+- <allow send_interface="org.freedesktop.Hal.Device.KillSwitch"/>
+- <allow send_interface="org.freedesktop.Hal.Device.KeyboardBacklight"/>
+- <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
+- <allow send_interface="org.freedesktop.Hal.Device.Leds"/>
+- <allow send_interface="org.freedesktop.Hal.Device.LightSensor"/>
+- <allow send_interface="org.freedesktop.Hal.Device.Storage"/>
+- <allow send_interface="org.freedesktop.Hal.Device.Storage.Removable"/>
+- <allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
+- <allow send_interface="org.freedesktop.Hal.Device.Volume"/>
+- <allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
+- <allow send_interface="org.freedesktop.Hal.Device.WakeOnLan"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.CPUFreq"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.DockStation"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.KillSwitch"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.KeyboardBacklight"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.Leds"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.LightSensor"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.Storage"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.Storage.Removable"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.Volume"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
++ <allow send_destination="org.freedesktop.Hal"
++ send_interface="org.freedesktop.Hal.Device.WakeOnLan"/>
+
+ </policy>
+
+--
+1.6.1.2
+