ConsoleKit, PolicyKit, HAL, XDG_SESSION_COOKIE
Lennart Poettering
mzqohf at 0pointer.de
Thu Jul 22 19:30:23 PDT 2010
On Thu, 22.07.10 21:39, Stef Bon (stef at bononline.nl) wrote:
> >I think the XDG_SESSION_COOKIE should go away and be replaced by the
> >audit session id as maintained by the kernel, which however has slightly
> >different semantics.
>
> Why do you think that?
Because it is sufficient to maintain one session cookie/id. There's no
need to maintain a number of them.
Also, the current XDG_SESSION_COOKIE has really strange semantics right
now, because polkit reads it from /proc/$PID/environment. This breaks
when setproctitle is used. Also, it's not trustable
information. Everybody can just creat his own random session if he feels
like it. Since this id is supposed to be used for policy this is a bit
strange.
> What is the audit session id anyway?
Let me google that for you.
/proc/self/sessionid
http://0pointer.de/blog/projects/ids.html
Lennart
--
Lennart Poettering - Red Hat, Inc.
More information about the dbus
mailing list