per-user dbus

Jörg Barfurth Joerg.Barfurth at Sun.COM
Wed Nov 11 06:56:31 PST 2009 

Lennart Poettering schrieb:

>>> There are some issues to keep in mind though: spawning user code is
>>> relevant to system security, so we probably need to call into PAM
>>> before allowing the user bus to be run under the user's uid. I think
>>> cron does something similar for all user cronjobs is executes.
>> You mean run pam_session?  
> 
> Yes.
> 
>> I'd rather avoid being in the business of running PAM modules.
>> We're going to be called through gdm, cron, and ssh which will
>> already be running pam_session.
> 

> I am not really sure we have an option. If we spawn things from
> outside the session all user limits set for it, yadda yadda will not
> apply. Now, that is good thing on one hand, but a bad thing on the
> other, since stuff like /usr/security/limits.conf would be ignored for
> user bus activated servcies. And that is probably not an option.
> 
> There is a substantial amount of ugliness in all of this. PAM sucks
> anyway, but the fact that we call into the session hooks of PAM for
> something that is explicitly not a session is particularly ugly. But
> then again, I think it is easy enough to be pragmatic about this.
> 

Following the model of cron probably makes sense here. What you start 
could be considered a 'service session', as it is a process (tree) 
running on behalf of a user, but outside any interactive session.

Running session stack only is probably not sufficient. pam_setcred is in 
the auth stack, but may also be part of setting things up correctly for 
a user - on (Open)Solaris pam_unix_cred sets up project, privilege sets 
and audit context.

- Jörg

-- 
Joerg Barfurth
Software Engineer        mailto:joerg.barfurth at sun.com
Desktop Technology
Thin Client Software     http://www.sun.com/software/sunray/
Sun Microsystems GmbH    http://www.sun.com/software/javadesktopsystem/

Sitz der Gesellschaft:
Sun Microsystems GmbH, Sonnenallee 1, D-85551 Kirchheim-Heimstetten
Amtsgericht Muenchen: HRB 161028
Geschaeftsfuehrer: Thomas Schroeder, Wolfgang Engels, Wolf Frenkel
Vorsitzender des Aufsichtsrates: Martin Haering

More information about the dbus mailing list