DBUS_TYPE_LINUX_CRED ?
Serge Hallyn
serge.hallyn at ubuntu.com
Fri Dec 13 13:58:34 PST 2013
Quoting Thiago Macieira (thiago at kde.org):
> On sexta-feira, 13 de dezembro de 2013 15:53:26, Serge Hallyn wrote:
> > Quoting Thiago Macieira (thiago at kde.org):
> > > On sexta-feira, 13 de dezembro de 2013 14:19:14, Serge Hallyn wrote:
> > > > > I am pretty sure it would be wrong to have something like this as data
> > > > > type. This data should be appended implicitly, not explicitly.
> > >
> > > So it should send them all, like Lennart said that kdbus is already doing.
> >
> > Send all of what?
>
> All of the credentials.
>
> He said: "In kdbus you will also get a variety of creds attached to all
> messages implicitly (pid, gid, uid, pid_starttime, tid, comm, tid_comm,
> cmdline, cgroup, unit, slice, user unit, session, owner uid, eff caps, inh
> caps, perm caps, bounding caps, selinux context, audit session, audit login
> uid)"
>
> > > > It can't be done implicitly, though, since dbus doesn't know which
> > > > ucred I want to send. I'm not authenticating as that task, I just need
> > > > an unambiguous namespace-independent identifier for it.
> > >
> > > Use the unique connection ID.
> >
> > an unambiguous namespace-independent identifier for a task not involved
> > in the connection.
>
Sorry, I think I'm failing to make myself clear.
> The task is involved in the connection since it's sending data in the first
> place.
That task, c, is making a request involving another task, v. It is v's
pid which needs to be sent with an scm_cred so the kernel can translate
it to the server's namespace.
-serge
More information about the dbus
mailing list