summaryrefslogtreecommitdiff
path: root/src/bus-proxyd/bus-policy.h
AgeCommit message (Collapse)Author
2014-12-23core: rearrange code so that libsystemd/sd-bus/ does not include header ↵Lennart Poettering
files from core Stuff in src/shared or src/libsystemd should *never* include code from src/core or any of the tools, so don't do that here either. It's not OK!
2014-11-27bus-proxy: beef up policy enforcementLennart Poettering
- actually return permission errors to clients - use the right ucreds field - fix error paths when we cannot keep track of locally acquired names due to OOM - avoid unnecessary global variables - log when the policy denies access - enforce correct policy rule order - always request all the metadata its we need to make decisions
2014-10-09bus-policy: move name list iteration to policy usersDaniel Mack
We need to figure out which of the possible names satisfied the policy, so we cannot do the iteration in check_policy_item() but have to leave it to the users. Test cases amended accordingly.
2014-09-24bus-policy: split API for bus-proxydDaniel Mack
Instead of operating on an sd_bus_message object, expose an API that has 4 functions: policy_check_own() policy_check_hello() policy_check_recv() policy_check_send() This also allows dropping extra code to parse message contents - the bus proxy already has dedicated code paths for that, and we can hook into those later. Tests amended accordingly.
2014-09-20bus-policy: add policy check functionDaniel Mack
Add policy_check() to actually check whether an incoming message is allowed by the policy. The code is not yet used from the proxy daemon, though.
2014-06-16bus-proxy: policy - ignore unsupported tags and attributesKay Sievers
2014-06-10bus-proxy: read the right policy when running in user modeLennart Poettering
2014-06-06bus: add basic dbus1 policy parserLennart Poettering
Enforcement is still missing, but at least we can parse it now.