Age | Commit message (Collapse) | Author |
|
files from core
Stuff in src/shared or src/libsystemd should *never* include code from
src/core or any of the tools, so don't do that here either. It's not OK!
|
|
- actually return permission errors to clients
- use the right ucreds field
- fix error paths when we cannot keep track of locally acquired names
due to OOM
- avoid unnecessary global variables
- log when the policy denies access
- enforce correct policy rule order
- always request all the metadata its we need to make decisions
|
|
We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.
Test cases amended accordingly.
|
|
Instead of operating on an sd_bus_message object, expose an API that has 4
functions:
policy_check_own()
policy_check_hello()
policy_check_recv()
policy_check_send()
This also allows dropping extra code to parse message contents - the bus
proxy already has dedicated code paths for that, and we can hook into
those later.
Tests amended accordingly.
|
|
Add policy_check() to actually check whether an incoming message is allowed
by the policy. The code is not yet used from the proxy daemon, though.
|
|
|
|
|
|
Enforcement is still missing, but at least we can parse it now.
|