Reply
Thread Tools
Schturman's Avatar
Posts: 5,339 | Thanked: 4,133 times | Joined on Jan 2010 @ Israel
#11
Originally Posted by rainisto View Post
Run following command with exploited capas:



You can pretty easily make desktop icon for it, but you need incepted opensh to make it run because of aegis capabilities.

PS. and word of warning: don't play with variables there, just use copy & paste. Since if you change the parameter values, you can for example force secure wipe of the device (without asking any confirmations), and most likely you dont want that
It work perfectly for me when I just installed it:
Code:
[Desktop Entry]
Encoding=UTF-8
Version=1.0
Type=Application
Terminal=false
Name=Secure Phone
Exec=/opt/N950QTweak/Secure/device_secure.sh
Icon=/usr/share/icons/hicolor/80x80/apps/device_secure80.png
X-Window-Icon=
X-HildonDesk-ShowInToolbar=true
X-Osso-Type=application/x-executable
and
Code:
#!/bin/sh

echo root | ariadne sh -c "dbus-send --system --type=method_call --print-reply --dest=com.nokia.devicelock /request com.nokia.devicelock.setState int32:1 int32:1;dbus-send --system --type=method_call --dest=com.nokia.mce /com/nokia/mce/request com.nokia.mce.request.req_tklock_mode_change string:locked"

exit 0
Why it stopped to work after reboot ? It cause reboot + Malfunction window -> reboot again and load your phone normally...
Thanks

Last edited by Schturman; 2013-03-28 at 02:26.
 
Schturman's Avatar
Posts: 5,339 | Thanked: 4,133 times | Joined on Jan 2010 @ Israel
#12
Ok, i got it work after reboot with .conf file... But it take 3-5 min after reboot, harmattan limitation as we know...
Any other ideas ?
 
Posts: 49 | Thanked: 93 times | Joined on Jan 2012 @ Finland
#13
Originally Posted by Schturman View Post
Code:
#!/bin/sh

echo root | ariadne sh -c "dbus-send --system --type=method_call --print-reply --dest=com.nokia.devicelock /request com.nokia.devicelock.setState int32:1 int32:1;dbus-send --system --type=method_call --dest=com.nokia.mce /com/nokia/mce/request com.nokia.mce.request.req_tklock_mode_change string:locked"

exit 0
Of course, you cannot make assumptions about the root password, so you cannot use script like this in N9QT.

Maybe creating a deb package of the script & desktop file, granting the required security token for the script file in the aegis manifest and then incepting the package when activating the tweak? Otherwise you have to depend on and use opensh instead, like in rainisto's example, which may not be the best approach for N9QT as having opensh installed is kind of security risk. Maybe playing with refhashlist, restok, etc. is one option to grant tokens for the script without packaging, but messing them up is a risk too.

Don't know about that rebooting and MALF problem you faced, unfortunately.
 

The Following User Says Thank You to Kallela For This Useful Post:
Schturman's Avatar
Posts: 5,339 | Thanked: 4,133 times | Joined on Jan 2010 @ Israel
#14
 

The Following User Says Thank You to Schturman For This Useful Post:
Reply

Tags
device, secure


 
Forum Jump


All times are GMT. The time now is 21:11.