On Thu, Oct 30, 2014 at 06:46:48PM +0000, Simon McVittie wrote: > On 30/10/14 18:08, Djalal Harouni wrote: > > So, this is similar to AF_UNIX sockets. For them there's SCM_CREDENTIALS > > and SO_PEERCRED. The former uses credentials at the time of when > > messages are being sent, the latter uses the credentials at the time > > when when the connection was initially established. > > Please note that dbus-daemon, the reference implementation of D-Bus, > does not actually ever use SCM_CREDENTIALS on its AF_UNIX sockets. We > prefer to use Linux's SO_PEERCRED, or the platform's closest available > equivalent if there is one. dbus-daemon has methods (RPC calls) to get a > specified peer's uid, pid or LSM data (e.g. SELinux context), but those > methods return the value that was true when the connection was opened or > shortly afterwards, not the value that is true right now. I believe the > plan is that kdbus has ioctls that are equivalent to those RPC calls, > but without needing to wait for asynchronous socket events to get an answer. Correct, we are compatible to SO_PEERCRED and every peer can request that using KDBUS_CMD_CONN_INFO ioctl(), no need for asynchronous operations. Thank you Simon for your feedback! -- Djalal Harouni http://opendz.org -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
