From owner-freebsd-bluetooth@FreeBSD.ORG Thu Mar 9 19:14:14 2006 Return-Path: X-Original-To: freebsd-bluetooth@FreeBSD.org Delivered-To: freebsd-bluetooth@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 454D816A420 for ; Thu, 9 Mar 2006 19:14:14 +0000 (GMT) (envelope-from maksim.yevmenkin@savvis.net) Received: from ismybrain.com (ismybrain.com [64.246.42.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id DAC1543D45 for ; Thu, 9 Mar 2006 19:14:13 +0000 (GMT) (envelope-from maksim.yevmenkin@savvis.net) Received: from [10.254.186.111] (localhost.localdomain [127.0.0.1]) by ismybrain.com (8.11.6/8.11.6) with ESMTP id k29JBgM01116; Thu, 9 Mar 2006 14:11:43 -0500 Message-ID: <44107DEC.4060902@savvis.net> Date: Thu, 09 Mar 2006 11:11:40 -0800 From: Maksim Yevmenkin User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050404) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Iain Hibbert References: <440DCFF0.6090809@savvis.net> <1141761895.037384.5308.nullmailer@galant.ukfsn.org> <440DF38F.7020707@savvis.net> <1141772196.551930.3681.nullmailer@galant.ukfsn.org> <440E1988.10202@savvis.net> <1141779342.768110.17808.nullmailer@galant.ukfsn.org> <440E31E7.9050409@savvis.net> <1141894332.239191.546.nullmailer@galant.ukfsn.org> In-Reply-To: <1141894332.239191.546.nullmailer@galant.ukfsn.org> Content-Type: text/plain; charset=KOI8-R; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-bluetooth@FreeBSD.org Subject: Re: apple bluetooth keyboard X-BeenThere: freebsd-bluetooth@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Using Bluetooth in FreeBSD environments List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2006 19:14:14 -0000 Iain Hibbert wrote: > On Tue, 7 Mar 2006, Maksim Yevmenkin wrote: > >>Iain Hibbert wrote: >> >>>baseband connection, then 'red' can access the device through another >>>L2CAP or RFCOMM socket (well, they can in my world :) >> >>you can do it with freebsd. i can open baseband by hand (as root) and then do >>sdp query and/or rfcomm session as another user. i'm not following you here. > > My thought is exactly that. Once a device is authenticated, there is no > way to restrict user access. User 'blue' might wish to copy pictures from > his mobile phone, but that does not necessarily mean that user 'red' > should be able to send a fax to a premium rate number.. well, this is the wrong protocol layer to implement this kind of restrictions. you simply do not have enough information to make a proper decision. it is up to the services themselves to verify user credentials and allow (or deny) access to the service. obex, for example, has built-in authentication facility. and, in theory, it is possible to authenticate obex requests (much like http). serial port profile, on the other hand, does not have built-in authentication facility. bluetooth is obviously positioned for personal use. so, "single pin code gives access to all services" model works here. > I am ignoring this issue for now though, its too complex and I just want > to get it working (which it does, I did some internet surfing at 9600bps > for a while yesterday :) cool! thanks, max