User authentication to services
hp at redhat.com
Mon May 31 13:17:00 PDT 2004
On Sun, 2004-05-30 at 18:11, Rob Taylor wrote:
> I would like to make a service on the system bus that can confirm that a message purporting to come from a user actually comes from the user. As far as I can tell dbus has the ability for an app to authenticate to a server and vice versa, but not for one app to authenticate to another app. Are there any plans for adding this kind of functionality or should I just layer my own authentication on top of the protocol?
> As far as I can tell as I trust the server and the server knows who sent the message, if I could ask the server who sent a message, I could authenticate this way, no?
Yes, the bus should be able to say reliably which user a remote
connection authenticated as (assuming you trust the bus, which you
mostly have to).
A solution we've discussed in the past was to have properties for each
connection to the bus that could be queried. So the idea is you send a
message to org.freedesktop.DBus invoking a method such as GetProperties,
where GetProperties would take two arguments, a service name and an
array of property names. It would return either an array of ANY or
perhaps an array of STRING with the property values. (Suggest just using
STRING for now.)
Then there would be some standard properties, such as
org.freedesktop.AuthUserID or whatever.
You have to be careful to use the base service name, not a well-known
service name, in this context, since the base service name can't be
recycled and thus no spoofing is possible.
If you wanted to implement this, essentially you would add another
method supported by org.freedesktop.DBus in
bus/driver.c:bus_driver_handle_message(). To get the uid to return as
the property value, you would use dbus_connection_get_unix_user().
The GetProperties() implementation would look pretty similar to
bus_driver_handle_get_service_owner() in that it looks up a service,
then returns some info about it.
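To make the name-recycling argument concrete, here is an added toy model of the proposed bus-side lookup. It is example code written for this message, not dbus code and not the bus/driver.c change described above; the class `ToyBus`, the helper `scenario()` and all uids and names in it are constructed for illustration, and the property name `org.freedesktop.AuthUserID` is taken from the proposal. It shows that a lookup keyed on the unique (base) name stays correct for the life of the bus, while a uid cached under a well-known name becomes wrong as soon as that name changes owner.

```python
import itertools

AUTH_USER_ID = "org.freedesktop.AuthUserID"   # standard property name from the proposal


class ToyBus:
    """Minimal stand-in for the message bus (constructed for this example)."""

    def __init__(self):
        self._serial = itertools.count(1)
        self._uid_of_unique = {}   # unique name -> uid; kept forever, unique names are never reused
        self._connected = set()    # unique names of live connections
        self._owner_of = {}        # well-known name -> unique name of its current owner

    def connect(self, uid):
        """A client authenticates; the bus records its uid and hands out a fresh unique name."""
        unique = f":1.{next(self._serial)}"
        self._uid_of_unique[unique] = uid
        self._connected.add(unique)
        return unique

    def disconnect(self, unique):
        """Connection closes: the well-known names it owned become claimable again."""
        self._connected.discard(unique)
        for name in [n for n, owner in self._owner_of.items() if owner == unique]:
            del self._owner_of[name]

    def request_name(self, unique, well_known):
        """RequestName without queueing: the first live claimant wins."""
        if well_known in self._owner_of:
            return False
        self._owner_of[well_known] = unique
        return True

    def get_properties(self, service, props):
        """Proposed org.freedesktop.DBus.GetProperties(service, [props]) -> list of STRING.

        Only a base (unique) name is accepted: it identifies exactly one
        authenticated connection and is never recycled, so the answer cannot
        be confused by a later owner of a well-known name.
        """
        if not service.startswith(":"):
            raise ValueError("use the base service name, not a well-known service name")
        if service not in self._connected:
            raise LookupError(f"no such connection: {service}")
        values = []
        for prop in props:
            if prop == AUTH_USER_ID:
                # the real bus would call dbus_connection_get_unix_user() here
                values.append(str(self._uid_of_unique[service]))
            else:
                raise KeyError(f"unknown property: {prop}")
        return values


def scenario():
    """Walk through the name-recycling problem and return what each lookup yields."""
    bus = ToyBus()
    agent = bus.connect(uid=1000)
    bus.request_name(agent, "org.example.Agent")

    # A receiving service that caches the uid under the well-known name ...
    cached = {"org.example.Agent": int(bus.get_properties(agent, [AUTH_USER_ID])[0])}

    # ... is wrong once the original owner goes away and the name is reassigned.
    bus.disconnect(agent)
    other = bus.connect(uid=1001)
    bus.request_name(other, "org.example.Agent")
    stale = cached["org.example.Agent"]

    # Asking the bus about the sender's unique name is correct by construction.
    fresh = int(bus.get_properties(other, [AUTH_USER_ID])[0])

    # And the bus refuses to answer for a well-known name at all.
    try:
        bus.get_properties("org.example.Agent", [AUTH_USER_ID])
        rejected = False
    except ValueError:
        rejected = True

    return {
        "stale_uid": stale,            # 1000: the cache still names the old owner
        "fresh_uid": fresh,            # 1001: the bus names the actual connection
        "well_known_rejected": rejected,
        "unique_names_differ": agent != other,
    }


if __name__ == "__main__":
    print(scenario())
```

In the real bus the sender field of every delivered message is filled in by the bus with the sender's unique name, so a service implementing this check would pass the value of `dbus_message_get_sender()` straight to the lookup rather than anything the client put in the message body.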