[patch] get pid of peer

Havoc Pennington hp at redhat.com
Wed Jul 14 18:53:25 PDT 2004


On Tue, 2004-07-13 at 18:57, David Zeuthen wrote:
>  <policy image="/usr/libexec/gnome-vfs-daemon">
>    <!-- grant something here -->
>  </policy>

SELinux may overlap with this, but I'm not sure in what ways.

>  - not all platforms easily support this; it kind of require passing
>    credentials on the socket for authentication.

I would suggest:
 - add an error for PROCESS_ID_UNKNOWN rather than just using FAILED
 - if there's no sensible process ID on Windows, or maybe even if 
   there is (and it's effectively a different semantic),
   should call it GetUnixProcessID()

>  - I'm not sure at all I'm doing the right thing in the function
>    dbus-auth.c:handle_server_data_external_mech()

I expect the code would be much clearer if
authorized_identity/desired_identity where just dbus_uid_t rather than
the struct. Since e.g. we don't want to read the gid here, we want to
look up the gid based on the uid.

I would say also we want to fill in the pid always when it's available,
regardless of authentication method used.

In the test code, it wouldn't hurt to verify that the PID in fact has
the right value, if there's some reasonable way to do so.

In connection_get_process_id(), maybe a better default initialization is
DBUS_PID_UNSET or whatever it's called instead of INT_MAX. (Though I
think PID_UNSET probably is the same as UINT_MAX)?

Thanks,
Havoc




More information about the dbus mailing list