Loadable security modules for D-Bus

Lennart Poettering mzqohf at 0pointer.de
Mon Jan 9 07:52:57 PST 2012


On Mon, 09.01.12 13:45, Thiago Macieira (thiago at kde.org) wrote:

> On Monday, 9 de January de 2012 16.01.32, Lennart Poettering wrote:
> > > It is not clear to me, the necessity to load the module dynamically.
> > > The plugin could be compiled together with D-Bus, no need for dynamic
> > > load.  The source can be independent, just respecting the API but built
> > > together. We also need to specify somehow the plugins which are mandatory
> > > to be loaded.
> > 
> > I am strongly against doing this kind of dynamic module loading in the
> > D-Bus daemon. Quite frankly, this is just crazy. I see no reason at all
> > to have dynamically loaded modules here, if this can be statically
> > compiled in, then I see no reason at all to create a complex module
> > loading infrastructure with hooks and stuff.
> [snip]
> > So, yeah, not sure if I have the power to NACK this, but if I do this
> > gets a 1st rate NACK from me.
> 
> I agree with Lennart and with Felipe's last paragraph: we definitely don't need 
> dynamic loading. There is not going to be any distribution where the security 
> mechanism isn't known at compile time.
> 
> I would take Felipe's work only as far as "let's clean the code up so we don't 
> need to patch everywhere for each new mechanism". The code would be compiled 
> into the binary in all cases.

Note that I not only think that loadable modules would be a bad idea
here, I also believe that any kind of abstraction towards that goal
would already be wrong. i.e. from Felipe's patch dsm.c needs to go, too,
regardless whether what is hooked in there would be dynamically or
statically compiled.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.


More information about the dbus mailing list