Hi Marcel, On Fri, Sep 7, 2012 at 11:19 PM, Marcel Holtmann <marcel@xxxxxxxxxxxx> wrote: >> Im afraid you will have to go in detail what you want here, the >> security table seems to be meant for checking privileges in a method >> level while we can probably extend it for properties and have >> privileges also in the properties table, but the security table seems >> to be global not per interface. > > you can specify unique integer identifiers as security label to each > method. We could extend that to each property. The security label is > used to pick which security callback to call. Fair enough, but one thing that we might have to consider is that the label could be dynamic e.g. when a method call has a special security policy regarding senders (common when we track senders), so perhaps instead of having the privileges as it is now we need a callback e.g. check_privileges which takes the sender and returns the label/privileges needed. -- Luiz Augusto von Dentz -- To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
