
Re: iwd + systemd-networkd + resolvconf wrinkles



On Thu 17 Mar 2022 at 23:39:39 -0500, David Wright wrote:

> On Thu 17 Mar 2022 at 14:50:06 (+0000), Brian wrote:
> > On Sun 13 Mar 2022 at 20:04:06 -0500, David Wright wrote:
> > 
> > [...]
> > 
> > > By the end of all this, the link should be working, and a file
> > > like this will have been written (that only root can see):
> > > 
> > > # cat /var/lib/iwd/YourSSID.psk 
> > > [Security]
> > > PreSharedKey=abdcef0123456789…abdcef0123456789…abdcef0123456789
> > > Passphrase=yoursecretpassphrase
> > > #
> > 
> > However, brian (who is not in the netdev group) can do
> > 
> >   iwctl known-networks YourSSID forget
> > 
> > and /var/lib/iwd/YourSSID.psk is deleted.
> > 
> > This user can also successfully execute
> > 
> >   iwctl station wlan0 connect YourSSID
> > 
> > to bring about association with a WAP. Neither should be possible.
> 
> I have /read/ that security is handled through D-Bus, but I haven't
> followed this up because the above doesn't present a problem here.

Perhaps a problem would arise when there are untrusted users on the
machine. Having the network connection destroyed, accidentally or not,
is not my idea of fun.
 
> For example, /etc/dbus-1/system.d/org.freedesktop.ModemManager1.conf
> seems to be aimed at controlling a modem, where a user might otherwise
> be able to spend real money at someone else's expense. I guess Debian
> might provide something like that.
> 
> I /imagine/ that such a facility could be quite fine-grained, unlike
> plain netdev permissions. For example, allowing "connect"ions like the
> above, but only to pre-defined SSIDs, and disallowing reconfigurations
> like the "forget" above.
> 
> Then an /etc/default/iwd might define the privileged usernames for
> each operation, or point to a file defining such.

My understanding is that access to hardware should be handled by ACLs
(preferably) or group membership. For example, an ACL is used for my
audio card and scanner. wpasupplicant uses netdev group membership.
The idea of devolving such a facility to a message bus service does
not seem like the right path to take.

BTW, iwd in bullseye has dbus as a recommended package. It would be
interesting to know what part of iwd works without dbus. A quick
test here has iwd quitting when the dbus service is stopped.

-- 
Brian.
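As an added illustration of the kind of D-Bus policy David imagines above (this is not from the thread, not a file shipped by iwd or Debian, and only a local experiment), the fragment below lets members of netdev call iwd but not "forget" a network, and denies everyone else. It assumes iwd owns the well-known bus name net.connman.iwd and exposes the method net.connman.iwd.KnownNetwork.Forget; the file name is chosen here.

```xml
<!-- Added example, not from the thread: /etc/dbus-1/system.d/iwd-local.conf
     (file name chosen here). Assumes iwd owns the bus name net.connman.iwd
     and that "iwctl known-networks ... forget" ends up as a call to
     net.connman.iwd.KnownNetwork.Forget. -->
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- root: may own the service name and call anything on it. -->
  <policy user="root">
    <allow own="net.connman.iwd"/>
    <allow send_destination="net.connman.iwd"/>
  </policy>

  <!-- Everyone else: no messages to iwd at all. -->
  <policy context="default">
    <deny send_destination="net.connman.iwd"/>
  </policy>

  <!-- netdev members: group policies are evaluated after the default
       context, so this allow overrides the deny above. The trailing deny
       then removes only the Forget method (last matching rule wins). -->
  <policy group="netdev">
    <allow send_destination="net.connman.iwd"/>
    <deny send_destination="net.connman.iwd"
          send_interface="net.connman.iwd.KnownNetwork"
          send_member="Forget"/>
  </policy>
</busconfig>
```

Any policy the package installs under /usr/share/dbus-1/system.d/ is read together with this one, so after reloading dbus the effective result should be checked by running the two iwctl commands quoted above as a user outside netdev and as a member of it.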

