Permissions on key directories/files.

Havoc Pennington hp at
Tue Mar 16 19:21:13 EET 2004


The way dbus works is in my view the best solution for the general case,
though it's not really going to work for X I don't think.

In essence what dbus does is:
 - the listening server creates a file in /tmp with a random name
 - you then have a well-known way or ways to discover the filename

Then you have no problem with collisions. There's a bit of a garbage
collection problem because UNIX is dumb and you get dead sockets around;
the fix is twofold:
 - on Linux, use abstract sockets instead
 - on other UNIX, run a cron job with dbus-cleanup-sockets to mop up 
   dead sockets

The specific way dbus works is to set an environment variable with the
address for the message bus; the address includes the filename in the
UNIX domain socket case. This works fine since the bus is scoped

In contexts other than dbus, possibilities for locating the filename
include setting a root window property, advertising it on the message
bus, etc. Or just using the message bus in the first place instead of
inventing a new kind of thing that needs a socket.

The problem I'd like to solve even more than this one is to use
dbus-style cookie authentication; i.e. make the cookie file map a random
ID number determined by the server to a cookie, rather than mapping a
hostname to a cookie. Then pass the ID number to clients as a challenge
and the clients have to return the cookie. Then one can change hostname
with impunity.


More information about the xdg mailing list