Re: Dbus and security - a few questions

On Fri, 2005-03-04 at 16:37 -0500, seth vidal wrote:

>Let's say I need a root-running daemon that can actually make chroots
>and submit items into chroots to be built. Would it be reasonable and
>safe to use dbus to send these requests to the daemon? Is there any way
>of restricting or validating WHO sent it?

Yes; D-BUS includes a policy framework for restricting messages that can
be sent.  See J5's article and the D-BUS docs, or
browse /etc/dbus-1/system.d for examples.

D-BUS can also act as a SELinux userspace object manager; right now it
can basically just control raw flow between two domains using the
"send_msg" permission; so you could ensure for example that a process
running with type user_t can't converse with a process with type
yourdaemon_t.  Future plans include labeled interfaces for more
fine-grained control.
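
Added example (not part of the original message, and not taken from any project's shipped configuration): a system-bus policy file of the kind the reply points to under /etc/dbus-1/system.d, for a root-owned build daemon. The bus name `org.example.BuildDaemon`, the interface `org.example.BuildDaemon.Build`, the group `builders` and the file name `org.example.BuildDaemon.conf` are hypothetical.

```xml
<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
 "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
<busconfig>
  <!-- Only root may claim the daemon's bus name, so no other local
       user can register a service under that name. -->
  <policy user="root">
    <allow own="org.example.BuildDaemon"/>
  </policy>

  <!-- Everyone else: may not own the name and may not send to it. -->
  <policy context="default">
    <deny own="org.example.BuildDaemon"/>
    <deny send_destination="org.example.BuildDaemon"/>
  </policy>

  <!-- Members of the hypothetical "builders" group may call only the
       build interface on the daemon. Group policies are applied after
       the default context, so this allow overrides the deny above. -->
  <policy group="builders">
    <allow send_destination="org.example.BuildDaemon"
           send_interface="org.example.BuildDaemon.Build"/>
  </policy>
</busconfig>
```

The bus daemon enforces these rules on the sender's credentials before the message reaches the service; the daemon itself should still validate the contents of each build request, since the policy only decides who may send.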


