[systemd-devel] About systemd call dbus session bus
Simon McVittie
simon.mcvittie at collabora.co.uk
Fri Feb 6 04:02:14 PST 2015
On 06/02/15 03:32, 张洋 wrote:
> dbus-daemon --session --print-address --fork > /tmp/session_amgr
This is a security flaw (the search keywords to look for are "symlink
attack").
> export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/session_amgr`
This only affects the environment of the shell script that is about to
exit, rendering it relatively useless. To set an environment variable
for systemd, use "systemctl import-environment DBUS_SESSION_BUS_ADDRESS"
- but don't do that for the system instance of systemd, it is not
appropriate for random system services to share a session bus.
The question to ask yourself when dealing with the session bus and
system services, what does "session" mean on your platform, and whose
session is it (as in which uid)? The right way to manage your session
follows from the answers to those questions.
For an embedded system, you probably want the "user session" enhancement
for dbus, which I'm currently upstreaming into dbus 1.9.x.
Regards,
S
--
Simon McVittie
Collabora Ltd. <http://www.collabora.com/>
More information about the systemd-devel
mailing list