[systemd-devel] SD_BUS_VTABLE_CAPABILITY
Lennart Poettering
lennart at poettering.net
Mon Apr 20 17:43:00 PDT 2015
On Thu, 16.04.15 19:30, Lennart Poettering (lennart at poettering.net) wrote:
> I will grant you though that it is confusing that we use
> SD_BUS_CREDS_AUGMENT here like this, and implicitly rely on that the
> selinux label is not a field that is being augmented. We should make
> this explicit, absolutely. I'll now add some code that will make this
> assumption explicit and fails early if the selinux label happens to be
> augmented. Of course in real-life this is impossible to trigger, but
> it's certainly helps understanding the code.
I now added some code for this now, that explicitly verifies that we
don't base authorization decisions on augmented creds. As mentioned,
this is only a safety net, as this cannot really happen anyway, but
let's better be safer than sorry, and let's document our assumption
this way explicitly in the code..
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list