DBus in the kernel?
Ville M. Vainio
vivainio at gmail.com
Tue Jan 5 06:28:32 PST 2010
On Tue, Jan 5, 2010 at 3:55 PM, Daniel P. Berrange <dan at berrange.com> wrote:
> NB, the daemon does more than just pass data between the clients, in
> particular it enforces the security policy for what signals/methods/
> interfaces/ etc each client is allowed to access. In a peer-to-peer
> model you'd need to push the security policy out to each client
Would handling that level of security policy on dbus client process
(through libdbus) really be that bad? We'd assume, of course, that
we'd already have received sufficient peer credential information from
the dbus-daemon that handed us the socket in the first place.
I guess there might be a document somewhere explaining why the current
approach is necessary, but I can't help thinking the current approach
trades performance for simplicity and proven code.
--
Ville M. Vainio
http://tinyurl.com/vainio
More information about the dbus
mailing list