Accessing Session Bus through the superuser
Avery Pennarun
apenwarr at gmail.com
Tue Mar 18 10:10:51 PDT 2008
On Mon, Mar 17, 2008 at 6:00 PM, Havoc Pennington <hp at pobox.com> wrote:
> On Mon, Mar 17, 2008 at 5:55 PM, Avery Pennarun <apenwarr at gmail.com> wrote:
> > (On the other hand, it starts as
> > root so it can overwrite other users' messes.)
>
> Exactly - the X server is effectively a system daemon.
It's more like a system program that creates a user session. After
all, there is one X server per session, and a single system can run
more than one X server (eg. http://userful.com/).
That said, I have to concede on this point. All the available options
are pretty gross. Personally I would have optimized for one less
security layer (ie. let the kernel do the security for the session
bus) but the cost of that in grossness elsewhere is unusually high, so
going the other way is also perfectly justified.
The only remaining question is whether to allow root to connect to a
user's session bus, and I think all the important points on both sides
of that question have already been made.
Have fun,
Avery
More information about the dbus
mailing list