| tbr | today's fun topic: think up how to proxy things between dbus and the push service | 08:52 |
|---|---|---|
| tbr | I guess it would make sense to put some sort of restrictions on this, so that it's not possible to wreak uncontrolled havoc on remote devices | 09:48 |
| kimmoli | what restrictions? pin? count per time limitation? | 09:52 |
| tbr | more as in to what you can send messages | 09:53 |
| kimmoli | ? | 09:54 |
| kimmoli | mean different datatypes | 09:54 |
| kimmoli | ? | 09:54 |
| tbr | If I allow arbitrary DBus messages then you can mess with contacts, put the device online, offline, switch on ap mode, etc | 09:55 |
| tbr | everything that you can do on the dbus user session, suddenly you can do remotely | 09:56 |
| kimmoli | thats not good idea.. | 10:00 |
| kimmoli | did you intend to frame dbus messages overmqtt ? | 10:00 |
| tbr | I'm currently exploring all directions and at the same time thinking how I would exploit them | 10:08 |
| tbr | for comparison I'm going to read http://bazaar.launchpad.net/~ubuntu-push-hackers/ubuntu-push/trunk/view/head:/docs/lowlevel.txt | 10:08 |
| tbr | no need to reinvent the wheel | 10:09 |
| tbr | their token approach makes sense | 10:31 |
| tbr | not sure how aplicable the rest is, as they use specific app IDs etc | 10:37 |
Generated by irclog2html.py 2.17.1 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!