著者: aitor_czr 日付: To: dng 題目: Re: [DNG] How to test the backend of simple-netaid
Hi again,
El 07/09/18 a las 19:50, aitor_czr escribió: >
> Hi,
>
> El 07/09/18 a las 19:37, aitor_czr escribió:
>> This is the simple script used for the wireless connection attempts:
>>
>> ifdown <device_name>
>> ip link set <device_name> up
>> pkill wpa_supplicant
>> wpa_passphrase <essid> <password> > <conf_file>
>> wpa_supplicant -B -c<conf_file> -i<device_name>
>> rm -f /run/network/ifstate.<device_name>
>> ip link set <device_name> up
>> sleep 1
>> ifup <device_name>
>>
>> Maybe, the lines nº 6 and nº7 are superfluous. The line nº8 (that is,
>> "sleep 1") is important, believe it.
>> As sysadmins, what do you think about the use of "pkill wpa_supplicant"?
>>
>> Aitor.
>
> This script needs granted permissions; so, it's included in a suid
> binary. Once i talked about a security key for this binary.
> The security key would be generated during the compilation of the
> application in a way that only those binaries built *together* with
> the suid binary will know it.
> First of all, i have to deal with the add_custom_command() function of
> CMake, in order to control the preference of the targets.
> The first step should be to generate this key, before all the executables.
>
> Cheers,
>
> Aitor.
The idea is very simple. The GUI and the suid binary will contain a
non-existent header:
#include "key.h"
The key.h file will contain an unique line (the random definition of the
KEY varible) edited by CMake during the compilation. For example: