[Telepathy] Tubes D-Bus API, again
Simon McVittie
simon.mcvittie at collabora.co.uk
Tue Aug 14 02:57:14 PDT 2007
We're nearly there - we have a Tubes API in -spec darcs - but there's
still a piece missing: access control. I think we can integrate this in
a fairly simple/stupid way for now and revisit it later.
The problem: The CM creates a listening socket, either TCP or Unix.
Who's allowed to connect to that socket? How are undesirables detected?
For the moment, perhaps we could just add a method:
AllowAllLocalConnections(u: tube_id)
Allow connections to the socket corresponding to the given tube
ID from any peer on the local machine.
and require that clients call it before accessing stream sockets. Later
on, we can add finer-grained access control functions that you can call
instead to get narrower restrictions, so this stuff can become safe to use
on multi-user machines.
For D-Bus tubes, we can have the default be "allow connections from the
same user ID", so no access-control method call will be needed in most
cases.
Thoughts? I think having something like this is a requirement for making the
Tubes spec official, since if we added my proposal later, existing code that
just started using the socket without calling some access-control method would
break.
Simon
More information about the Telepathy
mailing list