summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--TODO2
-rw-r--r--src/bus-proxyd/bus-proxyd.c9
2 files changed, 6 insertions, 5 deletions
diff --git a/TODO b/TODO
index e5318d78db..0999c9040d 100644
--- a/TODO
+++ b/TODO
@@ -152,7 +152,6 @@ Features:
- implement monitor logic
- see if we can drop more message validation on the sending side
- add API to clone sd_bus_message objects
- - SD_BUS_COMMENT() macro for inclusion in vtables, syntax inspired by gdbus
- systemd-bus-proxyd needs to enforce good old XML policy
- upload minimal kdbus policy into the kernel at boot
- kdbus: matches against source or destination pids for an "strace -p"-like feel. Problem: The PID info needs to be available in userspace too...
@@ -170,6 +169,7 @@ Features:
- bus proxy: override unique id sender for messages from driver to match the well-known name
- bus driver: GetNameOwner() for "org.freedesktop.DBus" should return "org.freedesktop.DBus"
- update systemd.special(7) to mention that dbus.socket is only about the compatibility socket now
+ - bus proxy should fake seclabel when connecting to kdbus
* sd-event
- allow multiple signal handlers per signal?
diff --git a/src/bus-proxyd/bus-proxyd.c b/src/bus-proxyd/bus-proxyd.c
index b03845921f..ca2a2ab44d 100644
--- a/src/bus-proxyd/bus-proxyd.c
+++ b/src/bus-proxyd/bus-proxyd.c
@@ -465,10 +465,11 @@ int main(int argc, char *argv[]) {
a->fake_creds_valid = true;
}
- if (peersec) {
- a->fake_label = peersec;
- peersec = NULL;
- }
+ /* FIXME: faking security labels is broken in kdbus right now */
+ /* if (peersec) { */
+ /* a->fake_label = peersec; */
+ /* peersec = NULL; */
+ /* } */
a->manual_peer_interface = true;