D-bus security check in interface implementation java

[Matthew Johnson]

On Tue Mar 01 18:39, Tarnakin Sergey wrote:
> Hi I have java application that creates dbus interface call it
> org.freedesctom.MyInterface, and I have other java applications that need to
> comunicate with  this interface. Problem is that I need that only some of
> applications can have access to call this methods. Is there any possibility
> to check in my interface "org.freedesctom.MyInterface" implementation to
> check what application call the method and reject application that must not
> have access. Or there is another way to reach this goal.

If the application is on the system bus then you can restrict which users can
use certain interfaces in the config file. You can also make calls on the
org.freedesktop.DBus special service to find out the PID and UID of the peer
who is making a call to you and decide based on that whether to answer.

On the Session bus only your user can connect (the bus enforces this) and while
you can use the same mechanism to decide based on PID this does not help you
security-wise. If there is malicious code running as your UID, then they can
read and write to the memory of your process anyway so all security bets are
off.

Matt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 835 bytes
Desc: Digital signature
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20110302/53007ac9/attachment.pgp>