[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-core-devel
Subject:    Re: Making kwallet more secure
From:       nf2 <nf2 () scheinwelt ! at>
Date:       2008-08-23 11:26:20
Message-ID: 48AFF3DC.4080603 () scheinwelt ! at
[Download RAW message or body]

Michael Leupold wrote:
> - Make kwallet use p2p d-bus. Actually I'm not sure if that would work because 
> I couldn't find enough information about that matter. If I create a new bus 
> bypassing the daemon, couldn't other processes still connect to it as well?

Well - i think p2p d-bus doesn't really have a "bus". It's just a socket 
connections talking the d-bus protocol. So nobody else can eavesdrop them.

I think you would need to create a DBusServer:

   dbus_server_listen()

And once a client connects call

   dbus_connection_get_unix_process_id()            

and look up the absolute path of the calling application to store in the 
ACL (or to show in the dialog) using something like the code in

http://svn.gnome.org/viewvc/gnome-keyring/trunk/common/gkr-daemon-util.c

--> gkr_daemon_client_set_current()

because this doesn't work on non-unix platforms, the client should 
probably always send its path but with daemon-side validation only 
enabled on unixes.

Cheers,
Norbert




[prev in list] [next in list] [prev in thread] [next in thread]