winDBus authentication stage
syntheticpp at gmx.net
Tue Mar 13 15:11:34 PDT 2007
Havoc Pennington wrote:
> Ralf Habacker wrote:
>>> It just happens because of the hack used to implement dbus_uid_t on
>>> Windows; the dbus_uid_t is an atom, and nobody changed the part of the
>>> code that converts to a string for auth to do the right thing on
>>> windows and convert to an sid string instead of a number.
>> Hmmh, using dbus_uid_t was your proposal see
> I also said in that thread for example just what I suggested in this
> Or perhaps to go more cross platform, you could have a "uid to
> string" and "uid from string" function ? where the string would be an
> "external form" and the integer is not allowed to leave the dbus
> process, on either platform.
> Or have to/from string converters, and have the rule that to go
> outside the process you have to do this conversion. I'm not sure
> where this comes up in the dbus codebase - it may well, in the config
> file or in the auth protocol. GlobalAddAtom() seems like it'd be a
> little scary... especially if it leaked out of dbus internals and
> effectively became some sort of public API...
> In any case, it doesn't matter; it's clearly broken to do what the code
> is doing now (sending weird atoms over the wire), and it's very easy to
> fix by adding a append-uid-to-string function which would just
> append_uint() on unix and do something else on windows.
So I assume, you also the already existing functions
will not help much.
>>> There's also a leak problem where there's no reliable way to
>>> GlobalDeleteAtom, afaict. This hack should not be escaping over the
>>> wire, as has been discussed to death.
>> No idea why this goes wrong. Have you any pointer in the list ?
> 1) if you create a system-global atom then you need to delete it
> somehow. MSDN says they are not automatically deleted when the app exits.
> 2) it is escaping over the wire because the code in dbus-auth.c just
> sends the numeric value of dbus_uid_t over the wire. If you change this
> to send a string sid or username instead of integer, then you no longer
> need *global* atoms, just per-process atoms. Thus 1) is solved.
> dbus mailing list
> dbus at lists.freedesktop.org
More information about the dbus