Loadable security modules for D-Bus

Thiago Macieira thiago at kde.org
Mon Jan 9 07:45:21 PST 2012


On Monday, 9 de January de 2012 16.01.32, Lennart Poettering wrote:
> > It is not clear to me, the necessity to load the module dynamically.
> > The plugin could be compiled together with D-Bus, no need for dynamic
> > load.  The source can be independent, just respecting the API but built
> > together. We also need to specify somehow the plugins which are mandatory
> > to be loaded.
> 
> I am strongly against doing this kind of dynamic module loading in the
> D-Bus daemon. Quite frankly, this is just crazy. I see no reason at all
> to have dynamically loaded modules here, if this can be statically
> compiled in, then I see no reason at all to create a complex module
> loading infrastructure with hooks and stuff.
[snip]
> So, yeah, not sure if I have the power to NACK this, but if I do this
> gets a 1st rate NACK from me.

I agree with Lennart and with Felipe's last paragraph: we definitely don't need 
dynamic loading. There is not going to be any distribution where the security 
mechanism isn't known at compile time.

I would take Felipe's work only as far as "let's clean the code up so we don't 
need to patch everywhere for each new mechanism". The code would be compiled 
into the binary in all cases.

-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
   Software Architect - Intel Open Source Technology Center
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20120109/3cf1ce13/attachment.pgp>


More information about the dbus mailing list