[RFC] dbus-python API (re)definition
Daniel P. Berrange
dan at berrange.com
Thu Aug 31 11:12:31 PDT 2006
On Thu, Aug 31, 2006 at 02:10:54PM -0300, Johan Dahlin wrote:
> A couple of weeks ago I started a new set of python bindings for dbus
> using ctypes, they can be found here:
>
> http://svn.async.com.br/cgi-bin/viewcvs.cgi/pydbus/
>
> For checking out the tree using subversion, issue this command:
>
> svn co svn://svn.async.com.br/pydbus
>
> They should be considered as a prototype at this point, even so I think
> they serve well as a starting point for future work.
Unfortunately there is one major problem with ctypes - it requires the
application in question to have executable stack. Traditionally i386 Linux
does allow this, but many platforms/OS do not. Even on Linux this is changing
because current SELinux security policy explicitly forbids executable
stack. For more info checkout the 'execstack' entry:
http://people.redhat.com/drepper/selinux-mem.html
eg, As a simple demo running on Fedora Core 6 with SELinux:
$ cat demo.py
#!/usr/bin/python
from ctypes import *
dbus = cdll.LoadLibrary("libdbus-1.so.3")
$ python demo.py
Traceback (most recent call last):
File "demo.py", line 3, in ?
from ctypes import *
File "/usr/lib64/python2.4/site-packages/ctypes/__init__.py", line 16, in ?
from _ctypes import Union, Structure, Array
ImportError: /usr/lib64/python2.4/site-packages/_ctypes.so: cannot enable executable stack as shared object requires: Permission denied
So unless Python ctypes can be fixed to not require execstack, using it
for DBus does not seem like a sensible / viable option. Particularly since
we go to such length to ensure DBus takes security as seriously as possible.
Regards,
Dan.
--
|=- GPG key: http://www.berrange.com/~dan/gpgkey.txt -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- berrange at redhat.com - Daniel Berrange - dan at berrange.com -=|
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.freedesktop.org/archives/dbus/attachments/20060831/de423685/attachment.pgp
More information about the dbus
mailing list