2
# Description: fix secrets disclosure to unauthorized users (CVE-2009-0365)
4
diff -Nur -x '*.orig' -x '*~' network-manager-applet-0.6.5/nm-applet.conf network-manager-applet-0.6.5.new/nm-applet.conf
5
--- network-manager-applet-0.6.5/nm-applet.conf 2007-04-19 14:01:22.000000000 -0400
6
+++ network-manager-applet-0.6.5.new/nm-applet.conf 2009-02-26 11:27:29.000000000 -0500
9
<allow send_destination="org.freedesktop.NetworkManagerInfo"/>
10
<allow send_interface="org.freedesktop.NetworkManagerInfo"/>
12
+ <!-- Only root can get keys -->
13
+ <deny send_destination="org.freedesktop.NetworkManagerInfo"
14
+ send_interface="org.freedesktop.NetworkManagerInfo"
15
+ send_member="getKeyForNetwork"/>
17
+ <deny send_destination="org.freedesktop.NetworkManagerInfo"
18
+ send_interface="org.freedesktop.NetworkManagerInfo"
19
+ send_member="cancelGetKeyForNetwork"/>
21
+ <deny send_destination="org.freedesktop.NetworkManagerInfo"
22
+ send_interface="org.freedesktop.NetworkManagerInfo"
23
+ send_member="updateNetworkInfo"/>
25
<policy context="default">
26
<deny own="org.freedesktop.NetworkManagerInfo"/>