On 2016-07-15 11:05, Wim Taymans wrote: > Hi guys, > > I'm having another look at the access control patches. I revived my old > patches and found some trouble with the async stuff that I fixed here: > > https://cgit.freedesktop.org/~wtay/pulseaudio/log/?h=access-hooks > <https://cgit.freedesktop.org/%7Ewtay/pulseaudio/log/?h=access-hooks> FWIW, I also remember fixing a bug or two before I added your patches to Ubuntu. The way it looks in Ubuntu now is here: http://anonscm.debian.org/cgit/pkg-pulseaudio/pulseaudio.git/tree/debian/patches?h=ubuntu (see patches 0406, 0407 and 0408) > > There is also an example on how to start and complete an async access > check for starting a recording. I believe Ahmed Darwish is building on > top of that so it might be useful to get it working. > > Now I'm taking a look at the info in pa_client that is available to decide > what access checks we need to do for each client. > > Ideally we would need the pid of the process with we can currently find > in the pa_proplist of the client. Unfortunately this pid is whatever > the client > sends us in a proplist in the set_client_name command so we need something > more secure. > > We do send the pid and gid with the SCM_CREDENTIALS ancillary data in > the AUTH command. Since the kernel checks things, we can be guaranteed > that when we get the credentials, they are correct. > > What I would like to do is make these credentials available somewhere. I > would like to make a new key in the client proplist with the verified > pid from > the credentials but the problem is that we then need to make sure that a > set_client_name command can't overwrite the value, which involves some > filtering or keys. > > Alternatively we could make a new pa_client field to store the > verified pid > and gid.. Does this sound better or worse? > > Wim > > > > > > > > > > _______________________________________________ > pulseaudio-discuss mailing list > pulseaudio-discuss at lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/pulseaudio-discuss
