Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[dbus] Enablers for limiting dbus methods to privileged clients. JB#3…
…8607 D-Bus configuration mechanisms do not support allowing/denying method calls based on effective uid/gid. While mce already has multiple partially overlapping ways to track clients, none of these are suitable for effective uid/gid checking. Track all D-Bus peers doing ipc with mce and maintain a cache of properties relevant for privilege checks for each peer. Delay execution of privileged method calls until the peer details are known so that access can be granted / denied. Rewrite existing client exit, service availability and debug identity tracking to utilize the same logic that is used for privilege checks. Also remove / hide some mce-dbus functions that are not used by other parts of mce code base. Signed-off-by: Simo Piiroinen <simo.piiroinen@jollamobile.com>
- Loading branch information