[patch] get pid of peer
Havoc Pennington
hp at redhat.com
Wed Jul 14 18:53:25 PDT 2004
On Tue, 2004-07-13 at 18:57, David Zeuthen wrote:
> <policy image="/usr/libexec/gnome-vfs-daemon">
> <!-- grant something here -->
> </policy>
SELinux may overlap with this, but I'm not sure in what ways.
> - not all platforms easily support this; it kind of require passing
> credentials on the socket for authentication.
I would suggest:
- add an error for PROCESS_ID_UNKNOWN rather than just using FAILED
- if there's no sensible process ID on Windows, or maybe even if
there is (and it's effectively a different semantic),
should call it GetUnixProcessID()
> - I'm not sure at all I'm doing the right thing in the function
> dbus-auth.c:handle_server_data_external_mech()
I expect the code would be much clearer if
authorized_identity/desired_identity where just dbus_uid_t rather than
the struct. Since e.g. we don't want to read the gid here, we want to
look up the gid based on the uid.
I would say also we want to fill in the pid always when it's available,
regardless of authentication method used.
In the test code, it wouldn't hurt to verify that the PID in fact has
the right value, if there's some reasonable way to do so.
In connection_get_process_id(), maybe a better default initialization is
DBUS_PID_UNSET or whatever it's called instead of INT_MAX. (Though I
think PID_UNSET probably is the same as UINT_MAX)?
Thanks,
Havoc
More information about the dbus
mailing list