From freedesktop-dbus Wed Jun 28 07:19:12 2006 From: Thiago Macieira Date: Wed, 28 Jun 2006 07:19:12 +0000 To: freedesktop-dbus Subject: Re: question on and .dbus_keyrings Message-Id: <200606280919.13017.thiago.macieira () trolltech ! com> X-MARC-Message: https://marc.info/?l=freedesktop-dbus&m=117323265630845 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--nextPart2457701.VeVmMMhziV" --nextPart2457701.VeVmMMhziV Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Havoc Pennington wrote: >Most of the time right now it seems to work to do "dbus-launch foobar" >which gives foobar its own private little bus... most foobar will run OK >in that case, though obviously if foobar actually _requires_ desktop >services it won't work ;-) That's the solution I used. Except I've just realised that I forgot to start the other bus :-) >I think this is perhaps a nicer and more general approach than just >hardcoding "root is OK" - though allowing root doesn't really decrease >security in my mind (root could just su to your account, obviously), it >also doesn't "solve for good" this issue. > >This could be done by just adding another auth mechanism. Before adding yet another auth mechanism, I'd like to explore the existing= =20 ones better. I have found very little documentation. Where can I read=20 more about them? And are they still subject to the "root-or-user" rule? >(Are env variables always hidden from other users though? I don't really >know.) Yes, but not from root. =2D-=20 Thiago Jos=E9 Macieira - thiago.macieira AT trolltech.com Trolltech ASA - Sandakerveien 116, NO-0402 Oslo, Norway --nextPart2457701.VeVmMMhziV Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQBEoi1wM/XwBW70U1gRAgnYAJ0R7MMSMjczBFW9vtI+6VtXgmaZxgCgpyF/ Z1rcpsOzyaFHeLlVc+hBI5Y= =hGCm -----END PGP SIGNATURE----- --nextPart2457701.VeVmMMhziV--