summaryrefslogtreecommitdiff
path: root/src/machine/machine-dbus.c
diff options
context:
space:
mode:
authorDaniel Mack <daniel@zonque.org>2014-10-23 13:06:38 +0200
committerDaniel Mack <daniel@zonque.org>2014-11-11 16:51:45 +0100
commited6d629a3487105e31415db9e175dd698ac20125 (patch)
tree6c7b0aa71d1697a6c696099fd7826e00784ccad7 /src/machine/machine-dbus.c
parent0b906b8d6f901866046636e75e138348afb1d8c0 (diff)
bus-proxyd: explicitly address messages to unique and well-known name
In order to check for matching policy entries at message transfers, we have to consider the following: * check the currently owned names of both the sending and the receiving peer. If the sending peer is connected via kdbus, the currently owned names are already attached to the message. If it was originated by the connection we're proxying for, we store the owned names in our own strv so we can check against them. * Walk the list of names to check which name would allow the message to pass, and explicitly use that name as destination of the message. If the destination is on kdbus, store both the connection's unique name and the chosen well-known-name in the message. That way, the kernel will make sure the supplied name is owned by the supplied unique name, at the time of sending, and return -EREMCHG otherwise. * Make the policy checks optional by retrieving the bus owner creds, and when the uid matches the current user's uid and is non-null, don't check the bus policy.
Diffstat (limited to 'src/machine/machine-dbus.c')
0 files changed, 0 insertions, 0 deletions