[PATCH] dbus-spec: introduce new PERMIT_INTERACTIVE_AUTHENTICATION

Marcel Holtmann marcel at holtmann.org
Wed Sep 3 15:16:46 PDT 2014 

Hi Thiago,

>> +                <entry><literal>PERMIT_INTERACTIVE_AUTHENTICATION</literal>
>> </entry> +                <entry>0x4</entry>
>> +                <entry>This is a hint that may be set on a method call
>> +                message that informs the receiving side that the
>> +                caller is OK if possibly time-intensive interactive
>> +                user authentication may take place before the method
>> +                call will complete. A client may set this flag if it
>> +                is prepared to wait for a longer time before the
>> +                method call returns, and if its UI may be interrupted
>> +                by interactively querying the user for passwords or
>> +                confirmation. This flag is only useful when
>> +                unprivileged code calls a more priviliged method call,
>> +                and an authentication framework is deployed that
>> +                allows possibly interactive authentication. If no such
>> +                framework is deployed it has no effect. This flag
>> +                should not be set by default by client
>> +                implementations. If it is set the caller also should
>> +                set a suitably long timeout on the method call to make
>> +                sure the user interaction may complete. This flag is
>> +                only valid for method call messages, and shall be
>> +                ignored otherwise.
> 
> How about removing the part about authentication and privileges, simply make 
> the flag indicate that the caller is ok with a lengthy operation from the 
> callee?

if the caller is okay with a lengthy operation it can just set the timeout to whatever it feels is appropriate.

I am in favor of spelling things out clearly. That way the server knows exactly what the client intentions are. In this case, hey it is fine if you want to ask the user. If it is not set, then it tells the server that is should just reject the method call if it is has no sufficient authentication to execute it. Do not try to gain the extra authentication from anyone.

It is a good thing to have a clear meaning of the flag and what it is intended for. A generic flag is not helping the situation here.

Regards

Marcel

More information about the dbus mailing list