Application authorisations

Bastien Nocera hadess at hadess.net
Thu Apr 29 03:38:03 PDT 2010


Heya,

I wanted to work on an authorisation framework for GeoClue. The goal is
for Geoclue to only be available to applications that the user actively
authorises.

As Geoclue works with multiple D-Bus services, I would first disallow
all the backends to talk to anyone but the Geoclue master D-Bus service
(through checking for binary name, and D-Bus name).

Then, in Geoclue master, keep a list of known binary/D-Bus names to
authorise, and refuse access if they're not on the list.

The problem I have is where would I put the authorisation dialogue?
Could I put it in a separate daemon whose only task would be to write
the authorised binary name/daemon (maybe PID, for one-shot ones)
somewhere?

The goal is to avoid random applications accessing the service without
explicit approval of the user, bar for "special" applications that I'd
like to whitelist (such as a geoclue preferences tab, which would
control the overall authorisation).

Ideas?

Cheers
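The two checks proposed in the message above (backends accept only the master; the master accepts only listed callers), as an added example that is not part of the original message or of GeoClue's code. The bus name and binary paths are placeholders, and the caller's identity is assumed to have been resolved already by the receiving service; one-shot grants are keyed on the bus-assigned unique name as well as the PID, which is a choice made here.

```python
from dataclasses import dataclass, field
# Placeholder identifiers (assumptions, not taken from the GeoClue source tree).
MASTER_NAME = "org.example.Location.Master"
MASTER_EXE = "/usr/libexec/example-location-master"
PREFS_EXE = "/usr/bin/example-location-prefs"

@dataclass(frozen=True)
class Caller:
    """Identity of a D-Bus sender as resolved by the receiving service."""
    unique_name: str                      # e.g. ":1.42", assigned by the bus
    pid: int                              # e.g. via GetConnectionUnixProcessID
    exe: str                              # e.g. readlink of /proc/<pid>/exe
    owned_names: frozenset = frozenset()  # well-known names the sender owns

def backend_allows(caller: Caller) -> bool:
    """Backend side: only the master (binary AND bus name) may call in."""
    return caller.exe == MASTER_EXE and MASTER_NAME in caller.owned_names

@dataclass
class MasterPolicy:
    whitelist: frozenset = frozenset({PREFS_EXE})  # "special" applications
    persistent: set = field(default_factory=set)   # binaries the user approved
    one_shot: set = field(default_factory=set)     # (unique_name, pid) grants

    def grant(self, caller: Caller, remember: bool) -> None:
        """Record the decision written by the authorisation dialogue."""
        if remember:
            self.persistent.add(caller.exe)
        else:
            self.one_shot.add((caller.unique_name, caller.pid))

    def allows(self, caller: Caller) -> bool:
        """Master side: refuse any caller that is not on one of the lists."""
        return (caller.exe in self.whitelist
                or caller.exe in self.persistent
                or (caller.unique_name, caller.pid) in self.one_shot)

    def connection_closed(self, unique_name: str) -> None:
        """Drop one-shot grants when the sender leaves the bus."""
        self.one_shot = {g for g in self.one_shot if g[0] != unique_name}

def demo():
    """Constructed callers: a one-shot grant, then a new process reusing the PID."""
    policy, maps = MasterPolicy(), Caller(":1.42", 4101, "/usr/bin/example-maps")
    before = policy.allows(maps)
    policy.grant(maps, remember=False)
    during = policy.allows(maps)
    policy.connection_closed(":1.42")
    return before, during, policy.allows(Caller(":1.57", 4101, "/usr/bin/other"))
```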


