[patch] Add setuid helper
Richard Hughes
hughsient at gmail.com
Mon Jun 18 08:24:56 PDT 2007
On Mon, 2007-06-18 at 11:04 -0400, Havoc Pennington wrote:
> - it is not necessary to use an underscore prefix on static functions
OOps.
> - I think there may be a STARTER_BUS_TYPE that goes with
> STARTER_BUS_ADDRESS (?)
Yup, I'll add that.
> - we are kind of randomly mixing dbus wrappers (_dbus_getenv(), etc.)
> with direct API usage (clearenv(), etc.)
Yes, sucky.
> The dbus wrappers have two supposed purposes:
> - abstraction of any portability issues
> - the "vsftpd" security rationale which may be in HACKING or
> somewhere; to safety-ize APIs by making them use DBusString
> for example, and to generally be able to audit all use of
> system libs
>
> Portability issues are minimal here since we are only worried about
> unix, but there may be some small ones perhaps.
>
> I'm not sure what to do in this context, on one level it is easier
> to audit the suid helper if it has no dependencies at all (no
> wrappers), but that isn't achievable since it's using all the
> dbus infrastructure (parsers, DBusString, etc.), so maybe we should
> go ahead and do things the full "dbus way" and use only wrappers.
Yes, I'll add a wrapper to do this "the dbus way".
Richard.
More information about the dbus
mailing list