On 30/10/14 11:52, Tom Gundersen wrote: > For example, if you want to get the audit identity > bits, you can now get this attached securely by the kernel, at the > time the message is sent, rather than having to firest get the peer's > $PID from SCM_CREDENTIALS and then read the audit identity bits racily > from /proc/$PID/loginuid and /proc/$PID/sessionid ... which dbus-daemon (traditional D-Bus) deliberately doesn't offer as a feature, because we are not aware of any way to do that over Unix sockets without a race condition; and if we can't have it securely, we don't want to have it at all. <https://bugs.freedesktop.org/show_bug.cgi?id=83499> It would be great if kdbus can fix that omission. Capabilities are in the same boat, and as a result, systemd can't currently have D-Bus methods that can only be called with CAP_WHATEVER. > * fewer userspace context switches [...] > * fewer message copies in userspace Readers are probably already aware of this, but note that D-Bus is designed to be usable between mutually distrusting processes, which is why we use Unix sockets and a lot of copies, rather than mmap or something. S -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
