http://bugzilla.opensuse.org/show_bug.cgi?id=1202059 http://bugzilla.opensuse.org/show_bug.cgi?id=1202059#c14 --- Comment #14 from Imobach Gonzalez Sosa <igonzalezsosa@suse.com> --- (In reply to Matthias Gerstner from comment #13)
The point I wanted to make is that regardless with user the client runs as, by having access to the installer D-Bus service it can do more or less what it wants on the system (like installing Linux on any block device, setting up passwords etc.). Right?
Yes.
I would suggest that you use the D-Bus configuration to only allow a dedicated user to communicate with the service (maybe in the beginning root, later maybe some other user account). When you come up with that new config file I can whitelist the stuff.
OK, it makes sense. We are restricting the access to the root user only by now (see https://github.com/yast/d-installer/pull/267). [..]
After starting the service it works, but the service should also *autostart* due to the configuration files in the package. That is where the error above is coming from, the autostarting somehow failed.
Autostarting the installer maybe isn't the best idea anyway, it should always be explicitly started. But then you shouldn't ship an autostart config.
That's true. The service name was wrong, but I agree that it does not make much sense. So in the same PR (https://github.com/yast/d-installer/pull/267) I am dropping the D-Bus service file. Thanks! -- You are receiving this mail because: You are on the CC list for the bug.