On 22/10/14 12:37, Lennart Poettering wrote: > When used with kdbus we actually do check for that client-side > capability. THis is not available on dbus1 however, since we cannot > determine the capability racefreely and thus safely
... because the kernel doesn't give us that ability on Unix sockets. See <https://bugs.freedesktop.org/show_bug.cgi?id=83499> for more on what Unix socket semantics *do* allow socket-based D-Bus to rely on. A solution requires new kernel features: either something like kdbus, or a way for a Unix socket client to prove to the server that it had a particular capability either at the time the socket opened (a new SCM_CAPABILITIES analogous to SCM_CREDS?) or at the time that a particular message was queued (subtle, probably best avoided). S _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
