D-Bus optimizations
Colin Walters
walters at verbum.org
Thu Mar 1 04:36:53 PST 2012
On Tue, 2012-02-28 at 13:56 +0100, Thiago Macieira wrote:
> This applies to malformed messages, but does not apply to well-formed but
> spoofed messages. The checking of the credentials needs to be done by a
> trusted source.
Right. Being able to spoof Sender would be a major regression if
multicast sockets were used in their current form on the system bus.
We could probably get away with it on the session bus. I'm not
aware of anyone actively trying to differentiate between applications
on the session bus, mainly because you hit the immediate problem
of them sharing a uid.
More information about the dbus
mailing list