[patch] get pid of peer

David Zeuthen david at fubar.dk
Thu Jul 15 06:11:14 PDT 2004


On Thu, Jul 15, 2004 at 08:19:42AM -0400, Stephen Smalley wrote:
> On Wed, 2004-07-14 at 21:53, Havoc Pennington wrote:
> > On Tue, 2004-07-13 at 18:57, David Zeuthen wrote:
> > >  <policy image="/usr/libexec/gnome-vfs-daemon">
> > >    <!-- grant something here -->
> > >  </policy>
> > 
> > SELinux may overlap with this, but I'm not sure in what ways.

I just found at last night that on Linux it requires root to resolve the

 /proc/<pid>/exe

symlink so given that D-BUS runs as a unprivileged user, this is
difficult to implement in a clean way. This is a problem; it's a
useful feature of a message bus to grant privileges based on what
process image is asking..

So, I suppose, for the time being at least, that I have to resort to
maintaining the security policy in the hal configuration file. Which
is possible as the hal daemon (running as root) can get the pid of the
connection. But it kind of sucks to do it this way :-(

> The SELinux policy can control based on the peer security context, which
> can include information about the particular executable as well as its
> caller (including possibly the entire call chain, or at least the
> relevant trust boundaries crossed).

Sounds cool. I must admit I haven't studied the SELInux patches to
D-BUS yet, sorry; will D-BUS+SELinux patches alleviate the problem
stated above?

Thanks,
David



More information about the dbus mailing list