Tracking users/sessions on the console

Havoc Pennington hp at redhat.com
Sun Jan 29 13:05:43 PST 2006


On Sun, 2006-01-29 at 09:51 -0500, David Zeuthen wrote:
> Again, the main reason I want this is not for system level to connect
> to desktop sessions (though it has a few nice side effects) but to give
> us more than just uid/pid for allowing/denying method calls. To do
> things securely, things like HAL really need to know e.g. what console
> the caller is on and whether that console is presently active.

If we want to base security policy on it, doesn't the system bus have to
"verify" the session claimed by each thing that connects to it?

I can imagine something based on PID (e.g. ask the session bus if the
PID of the system bus connection is also attached to the session bus),
though this requires trusting the session bus so probably isn't
viable... maybe something like the system bus gives each session bus a
secret cookie, and to show membership in the session an app has to get
the cookie from the session bus and hand it back to the system bus...
but again this assumes we trust the session bus not to "leak" the
cookie.

What am I missing?

Havoc
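
The cookie idea sketched in the message above, written out as an added example (not part of the original message and not D-Bus code). `SystemBus`, `SessionBus`, `claim_session`, the session names and the PIDs are all hypothetical; the `leaky` flag models the trust assumption the message points out.

```python
import hmac
import secrets

class SystemBus:
    """Toy system bus: issues one secret cookie per session bus."""
    def __init__(self):
        self._cookies = {}  # session id -> cookie

    def register_session(self, session_id):
        self._cookies[session_id] = secrets.token_bytes(32)
        return self._cookies[session_id]  # given only to that session bus

    def verify(self, session_id, presented):
        expected = self._cookies.get(session_id)
        # Constant-time comparison; unknown sessions or missing cookies fail.
        return (expected is not None and presented is not None
                and hmac.compare_digest(expected, presented))

class SessionBus:
    """Toy session bus holding the cookie for its session."""
    def __init__(self, session_id, cookie, leaky=False):
        self.session_id, self._cookie = session_id, cookie
        self._members = set()  # PIDs attached to this session bus
        self._leaky = leaky    # models a session bus that cannot be trusted

    def attach(self, pid):
        self._members.add(pid)

    def get_cookie(self, pid):
        # An honest bus releases the cookie only to its own members.
        return self._cookie if (pid in self._members or self._leaky) else None

def claim_session(system_bus, session_bus, pid):
    """App fetches the cookie from its session bus and presents it to the system bus."""
    return system_bus.verify(session_bus.session_id, session_bus.get_cookie(pid))

def run_scenarios():
    system = SystemBus()
    honest = SessionBus("session-A", system.register_session("session-A"))
    leaky = SessionBus("session-B", system.register_session("session-B"), leaky=True)
    honest.attach(1001)  # constructed PIDs
    leaky.attach(2001)
    return {
        "member_of_honest": claim_session(system, honest, 1001),
        "outsider_vs_honest": claim_session(system, honest, 9999),
        "outsider_vs_leaky": claim_session(system, leaky, 9999),
    }
```

The system bus side is identical in all three scenarios; whether the outsider is accepted depends only on how the session bus handles the cookie.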



