3 "description": "Allow system feature probing",
6 "luci": [ "getFeatures" ]
12 "description": "Grant uci write access to all configurations",
21 "description": "Grant access to basic LuCI procedures",
23 "cgi-io": [ "backup", "download", "exec" ],
27 "/dev/mtdblock*": [ "read" ],
28 "/etc/crontabs/root": [ "read" ],
29 "/etc/dropbear/authorized_keys": [ "read" ],
30 "/etc/filesystems": [ "read" ],
31 "/etc/rc.local": [ "read" ],
32 "/etc/sysupgrade.conf": [ "read" ],
33 "/etc/passwd": [ "read" ],
34 "/etc/group": [ "read" ],
35 "/proc/filesystems": [ "read" ],
36 "/proc/mtd": [ "read" ],
37 "/proc/partitions": [ "read" ],
38 "/proc/sys/kernel/hostname": [ "read" ],
39 "/proc/sys/net/netfilter/nf_conntrack_*": [ "read" ],
40 "/proc/mounts": [ "read" ],
41 "/usr/lib/lua/luci/version.lua": [ "read" ],
42 "/bin/dmesg -r": [ "exec" ],
43 "/bin/ping *": [ "exec" ],
44 "/bin/ping6 *": [ "exec" ],
45 "/bin/traceroute *": [ "exec" ],
46 "/bin/traceroute6 *": [ "exec" ],
47 "/sbin/ip -4 neigh show": [ "exec" ],
48 "/sbin/ip -4 route show table all": [ "exec" ],
49 "/sbin/ip -6 neigh show": [ "exec" ],
50 "/sbin/ip -6 route show table all": [ "exec" ],
51 "/sbin/logread -e ^": [ "exec" ],
52 "/usr/sbin/logread -e ^": [ "exec" ],
53 "/usr/bin/ping *": [ "exec" ],
54 "/usr/bin/ping6 *": [ "exec" ],
55 "/usr/bin/traceroute *": [ "exec" ],
56 "/usr/bin/traceroute6 *": [ "exec" ],
57 "/usr/bin/nslookup *": [ "exec" ],
58 "/usr/libexec/luci-peeraddr": [ "exec" ],
59 "/usr/sbin/iptables --line-numbers -w -nvxL -t *": [ "exec" ],
60 "/usr/sbin/ip6tables --line-numbers -w -nvxL -t *": [ "exec" ]
63 "file": [ "list", "read", "stat" ],
64 "iwinfo": [ "assoclist", "freqlist", "txpowerlist", "countrylist" ],
65 "luci": [ "getConntrackList", "getInitList", "getLocaltime", "getProcessList", "getRealtimeStats", "getTimezones", "getLEDs", "getUSBDevices", "getSwconfigFeatures", "getSwconfigPortState", "getBlockDevices", "getMountPoints" ],
66 "luci-rpc": [ "getBoardJSON", "getDHCPLeases", "getDSLStatus", "getDUIDHints", "getHostHints", "getNetworkDevices", "getWirelessDevices" ],
67 "network.interface": [ "dump" ],
68 "network.rrdns": [ "lookup" ],
69 "network": [ "get_proto_handlers" ],
70 "system": [ "board", "info", "validate_firmware_image" ],
71 "uci": [ "changes", "get" ]
76 "cgi-io": [ "upload" ],
78 "/etc/crontabs/root": [ "write" ],
79 "/etc/dropbear/authorized_keys": [ "write" ],
80 "/etc/init.d/firewall restart": [ "exec" ],
81 "/etc/luci-uploads/*": [ "write" ],
82 "/etc/rc.local": [ "write" ],
83 "/etc/sysupgrade.conf": [ "write" ],
84 "/sbin/block": [ "exec" ],
85 "/sbin/firstboot": [ "exec" ],
86 "/sbin/ifdown": [ "exec" ],
87 "/sbin/ifup": [ "exec" ],
88 "/sbin/reboot": [ "exec" ],
89 "/sbin/sysupgrade": [ "exec" ],
90 "/sbin/wifi": [ "exec" ],
91 "/bin/kill": [ "exec" ],
92 "/bin/tar": [ "exec" ],
93 "/bin/umount": [ "exec" ],
94 "/tmp/backup.tar.gz": [ "write" ],
95 "/tmp/firmware.bin": [ "write" ],
96 "/tmp/upload.ipk": [ "write" ],
97 "/usr/sbin/iptables -Z": [ "exec" ],
98 "/usr/sbin/ip6tables -Z": [ "exec" ]
101 "file": [ "write", "remove", "exec" ],
102 "hostapd.*": [ "del_client" ],
103 "iwinfo": [ "scan" ],
104 "luci": [ "setInitAction", "setLocaltime", "setPassword", "setBlockDetect" ],
105 "uci": [ "add", "apply", "confirm", "delete", "order", "set", "rename" ]
110 "luci-app-firewall": {
111 "description": "Grant access to firewall procedures",
114 "/etc/firewall.user": [ "read" ]
117 "luci": [ "getConntrackHelpers" ]
119 "uci": [ "firewall" ]
123 "/etc/firewall.user": [ "write" ],
124 "/etc/init.d/firewall": [ "exec" ]
126 "uci": [ "firewall" ]
projects / oweals / luci.git / blob