diff options
author | Daniel Mack <daniel@zonque.org> | 2014-10-09 13:26:53 +0200 |
---|---|---|
committer | Daniel Mack <daniel@zonque.org> | 2014-11-11 14:14:01 +0100 |
commit | 2a2be74654f0511220cf9a8a72f60ab5705abb87 (patch) | |
tree | 81ef8737582963e93ad2112c9abbbfad3174f0a1 | |
parent | 9cd751d2d0310275b2020bbb32c5e3f61a3cd53b (diff) |
bus-proxyd: move name list iteration to policy users
We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.
Test cases amended accordingly.
-rw-r--r-- | src/bus-proxyd/bus-proxyd.c | 26 |
1 files changed, 17 insertions, 9 deletions
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c index 1106986e99..3fc341eaed 100644 --- a/src/bus-proxyd/bus-proxyd.c +++ b/src/bus-proxyd/bus-proxyd.c @@ -475,18 +475,26 @@ static int process_policy(sd_bus *a, sd_bus *b, sd_bus_message *m, Policy *polic assert(b); assert(m); - if (a->is_kernel) - return 0; + if (b->is_kernel) { - r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv); - if (r < 0) - return r; + /* The message came from the kernel, and is sent to our legacy client. */ + r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv); + if (r < 0) + return r; - if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member)) - return -EPERM; +/* + if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member)) + return -EPERM; - if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member)) - return -EPERM; + if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member)) + return -EPERM; +*/ + } else { + + + + + } return 0; } |