On 30/10/14 18:08, Djalal Harouni wrote: > So, this is similar to AF_UNIX sockets. For them there's SCM_CREDENTIALS > and SO_PEERCRED. The former uses credentials at the time of when > messages are being sent, the latter uses the credentials at the time > when when the connection was initially established. Please note that dbus-daemon, the reference implementation of D-Bus, does not actually ever use SCM_CREDENTIALS on its AF_UNIX sockets. We prefer to use Linux's SO_PEERCRED, or the platform's closest available equivalent if there is one. dbus-daemon has methods (RPC calls) to get a specified peer's uid, pid or LSM data (e.g. SELinux context), but those methods return the value that was true when the connection was opened or shortly afterwards, not the value that is true right now. I believe the plan is that kdbus has ioctls that are equivalent to those RPC calls, but without needing to wait for asynchronous socket events to get an answer. The reason I say "or shortly afterwards" is that for the benefit of platforms where the "best" credentials transfer mechanism behaves like Linux SCM_CREDENTIALS, such as FreeBSD's SCM_CREDS, the beginning of a D-Bus protocol stream is that the client sends '\0' to dbus-daemon, accompanied by SCM_CREDS or whatever if the platform needs it. On Linux we just send a plain '\0' with no out-of-band data at that point. The only out-of-band data we send with individual D-Bus RPC messages later in the connection's lifetime is for fd-passing (SCM_RIGHTS). It would be a perfectly reasonable feature request to have individual D-Bus messages that contain proof that, *at the time of sending*, the sender possessed a given uid/pid/gid/capability/whatever, but we do not currently have that feature. It would be reasonable for kdbus to have that feature even though traditional D-Bus doesn't, and it's entirely possible that it is a feature that would be of benefit for e.g. systemd, but it is not required for feature parity with traditional D-Bus over AF_UNIX; it should be included in kdbus, or not, on its own merits. S -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html