[Pkg-bluetooth-maintainers] Bug#426410: bluez-utils: Once paired, a device is granted all accesses

[Vincent Bernat]

Package: bluez-utils
Version: 3.7-1
Severity: wishlist
Tags: security

Hi !

I did not find any place to grant access to some services to a device
and not some others. If it is not possible to tell which service a
device can access, I think this is a major security drawback and that
bluez stack should implement a way to define services access.

For example, I pair with a device to send him a file. I don't want him
to be able to use my Internet access if dund is started. I don't want
him to be able to access files from obexserver and I don't want him to
be able to act as a keyboard for my host.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.21.1-zoro.15
Locale: LANG=fr_FR at euro, LC_CTYPE=fr_FR at euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages bluez-utils depends on:
ii  dbus                         1.0.2-5     simple interprocess messaging syst
ii  libbluetooth2                3.9-1       Library to use the BlueZ Linux Blu
ii  libc6                        2.5-9       GNU C Library: Shared libraries
ii  libdbus-1-3                  1.0.2-5     simple interprocess messaging syst
ii  libusb-0.1-4                 2:0.1.12-7  userspace USB programming library
ii  lsb-base                     3.1-23.1    Linux Standard Base 3.1 init scrip
ii  makedev                      2.3.1-83    creates device files in /dev
ii  module-init-tools            3.3-pre11-1 tools for managing Linux kernel mo
ii  udev                         0.105-4     /dev/ and hotplug management daemo

Versions of packages bluez-utils recommends:
pn  bluez-passkey-gnome           <none>     (no description available)

-- no debconf information