DBUS_TYPE_LINUX_CRED ?

Serge Hallyn serge.hallyn at ubuntu.com
Fri Dec 13 13:58:34 PST 2013


Quoting Thiago Macieira (thiago at kde.org):
> On sexta-feira, 13 de dezembro de 2013 15:53:26, Serge Hallyn wrote:
> > Quoting Thiago Macieira (thiago at kde.org):
> > > On sexta-feira, 13 de dezembro de 2013 14:19:14, Serge Hallyn wrote:
> > > > > I am pretty sure it would be wrong to have something like this as data
> > > > > type. This data should be appended implicitly, not explicitly.
> > > 
> > > So it should send them all, like Lennart said that kdbus is already doing.
> > 
> > Send all of what?
> 
> All of the credentials.
> 
> He said: "In kdbus you will also get a variety of creds attached to all 
> messages implicitly (pid, gid, uid, pid_starttime, tid, comm, tid_comm, 
> cmdline, cgroup, unit, slice, user unit, session, owner uid, eff caps, inh 
> caps, perm caps, bounding caps, selinux context, audit session, audit login
> uid)"
> 
> > > > It can't be done implicitly, though, since dbus doesn't know which
> > > > ucred I want to send.  I'm not authenticating as that task, I just need
> > > > an unambiguous namespace-independent identifier for it.
> > > 
> > > Use the unique connection ID.
> > 
> > an unambiguous namespace-independent identifier for a task not involved
> > in the connection.
> 

Sorry, I think I'm failing to make myself clear.

> The task is involved in the connection since it's sending data in the first 
> place.

That task, c, is making a request involving another task, v.  It is v's
pid which needs to be sent with an scm_cred so the kernel can translate
it to the server's namespace.

-serge


More information about the dbus mailing list