[systemd-devel] [PATCH 0/5] kdbus: allow multiple policies

Kay Sievers kay at vrfy.org
Mon Aug 4 02:58:13 PDT 2014


On Sun, Aug 3, 2014 at 4:39 PM, Djalal Harouni <tixxdz at opendz.org> wrote:
> On Thu, Jul 31, 2014 at 10:38:47PM +0200, Kay Sievers wrote:
> [...]
>> > Still I see three points here from how much pressure and job should
>> > the policy holding connection do!
>> > 1) Register policy entries (handled internally), no communication
>> > 2) Register policy entries + do basic communication based on ID
>> > 3) Register policy entries + acquire name or names + do communication
>> >    based on names...
>>
>> Policy holders and activators can never communicate. Activator
>> connection can get messages queued, but they cannot be received by the
>> activator connection.
> Please, another point here:
>
> Currently the policy holding connection is able to own a well-known
> name, which makes it able to communicate and receive messages through
> this name.
>
> IIRC this was discussed last time in this list, but it is still unclear
> at least for me, and in different places of the code we only check for
> activators when doing send/recv validation.
>
> So I guess we should also block policy holders from owning well-known
> names ? hmm, then add the policy holders to the "block X connections
> from sending or receiving... ".

Yes, it sounds like the activators and policy holders should not be
able to acquire any names or send/receive any messages.

Kay


More information about the systemd-devel mailing list