question on <auth> and .dbus_keyrings
bastian at kde.org
Sun Jun 25 11:44:18 PDT 2006
On Saturday 24 June 2006 12:14, Havoc Pennington wrote:
> I was looking at the comment at policy.c:457 , looking again the code
> right after the comment does not do what the comment says ;-)
> According to cvs history the code and the comment were in the same
> patch, so who knows what we intended...
I think it makes sense to say that, as a matter of policy, the system bus
should be used for anything that crosses privilege boundaries. I think it
also make sense to keep the current code as is and update the comment, since
it doesn't seem to have bitten anyone so far that root can't connect to the
The disadvantage is that you can't run an arbitrary program as root and tell
it to connect to an existing session bus, but from a security pov that is
probably better anyway.
Linux Client Architect - Channel Platform Solutions Group - Intel Corporation
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 191 bytes
Desc: not available
Url : http://lists.freedesktop.org/archives/dbus/attachments/20060625/eb642bdc/attachment.pgp
More information about the dbus