[MEN-4012] Implement polkit file which hides sensitive data from dbus-monitor - Northern.tech AS

XML

Word

Printable

Details

Type: Task
Status: Done
Priority: (None)
Resolution: Fixed
Affects Version/s: None
Fix Version/s: Client API: Authentication
Labels:
- Client

Sprint:
MEN Sprint 122
Story Points:
8
Epic Link:
Client API: Authentication
Backlog:
yes
Days in progress:
0

Description

By default, DBus transactions are visible to everyone.

Acceptance criteria:

Implement polkit file which hides the token from dbus-monitor, and from logs
- If necessary, change API to pass token over a file descriptor
- There is some info on the subject here.
There is a Makefile target to install the polkit file.

Attachments

Release management

Issue Links

blocks

MEN-4013 Acceptance test which verifies that no sensitive data is passed over DBus insecurely

Rejected

Activity

People

Assignee:: Kristian Amlie

Reporter:: Kristian Amlie

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 05/Oct/20 1:09 PM

Updated:: 19/Oct/20 2:46 PM

Resolved:: 19/Oct/20 2:46 PM