[patch] get pid of peer
David Zeuthen
david at fubar.dk
Thu Jul 15 06:11:14 PDT 2004
On Thu, Jul 15, 2004 at 08:19:42AM -0400, Stephen Smalley wrote:
> On Wed, 2004-07-14 at 21:53, Havoc Pennington wrote:
> > On Tue, 2004-07-13 at 18:57, David Zeuthen wrote:
> > > <policy image="/usr/libexec/gnome-vfs-daemon">
> > > <!-- grant something here -->
> > > </policy>
> >
> > SELinux may overlap with this, but I'm not sure in what ways.
I just found at last night that on Linux it requires root to resolve the
/proc/<pid>/exe
symlink so given that D-BUS runs as a unprivileged user, this is
difficult to implement in a clean way. This is a problem; it's a
useful feature of a message bus to grant privileges based on what
process image is asking..
So, I suppose, for the time being at least, that I have to resort to
maintaining the security policy in the hal configuration file. Which
is possible as the hal daemon (running as root) can get the pid of the
connection. But it kind of sucks to do it this way :-(
> The SELinux policy can control based on the peer security context, which
> can include information about the particular executable as well as its
> caller (including possibly the entire call chain, or at least the
> relevant trust boundaries crossed).
Sounds cool. I must admit I haven't studied the SELInux patches to
D-BUS yet, sorry; will D-BUS+SELinux patches alleviate the problem
stated above?
Thanks,
David
More information about the dbus
mailing list