Pluggable auth modules
Thiago Macieira
thiago at kde.org
Wed Jun 1 12:48:31 PDT 2011
On Wednesday, 1 de June de 2011 12:34:25 Pavel Strashkin wrote:
> Let's discuss it more, pluses/minuses, because right now i don't see
> the real NO why we can't do it (ABI isn't changed, 100%
> backward-compatibility, good feature), only time and i agree to spend
> my own.
I think that libdbus-1 should only concern itself with the marshalling and
demarshalling, with maybe a file-descriptor based implementation. Any fancier
kind of transport, including SSL-based ones, should be implemented by an upper
layer. For that reason, authentication should also be provided by the upper
layer.
The session and system buses should not try to authenticate. There's no point
in that -- the system bus allows everyone to connect anyway and the session
bus limits to the UID anyway. The only point of the initial handshake is to
exchange capabilities and even then there are some that depend on the
transport being used (well, the only capability we currently have).
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Senior Product Manager - Nokia, Qt Development Frameworks
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20110601/666791c8/attachment.pgp>
More information about the dbus
mailing list