Access to the API should be subject to security mediation
Bug #1593383 reported by
Thomas Voß
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| biometryd |
Fix Released
|
High
|
Thomas Voß | ||
Bug Description
In addition to common confinement mechanisms present on the platform, the service and its skeletons should verify incoming requests to make sure that the origin of a request is permitted to access the respective functionality.
Related branches
lp:~thomas-voss/biometryd/verify-incoming-requests
- Ken VanDine: Approve
-
Diff: 1169 lines (+722/-123)14 files modifiedsrc/biometry/CMakeLists.txt (+5/-0)
src/biometry/dbus/interface.h (+24/-13)
src/biometry/dbus/skeleton/credentials_resolver.h (+50/-0)
src/biometry/dbus/skeleton/daemon_credentials_resolver.cpp (+117/-0)
src/biometry/dbus/skeleton/daemon_credentials_resolver.h (+53/-0)
src/biometry/dbus/skeleton/device.cpp (+5/-2)
src/biometry/dbus/skeleton/device.h (+5/-1)
src/biometry/dbus/skeleton/identifier.cpp (+63/-19)
src/biometry/dbus/skeleton/identifier.h (+25/-2)
src/biometry/dbus/skeleton/request_verifier.cpp (+33/-0)
src/biometry/dbus/skeleton/request_verifier.h (+60/-0)
src/biometry/dbus/skeleton/template_store.cpp (+239/-83)
src/biometry/dbus/skeleton/template_store.h (+42/-3)
tests/CMakeLists.txt (+1/-0)
| Changed in biometryd: | |
| status: | New → In Progress |
| importance: | Undecided → High |
| assignee: | nobody → Thomas Voß (thomas-voss) |
| Changed in biometryd: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
