Code review comment for lp:~jamesodhunt/upstart/upstart-dbus-bridge
Revision history for this message
| Steve Langasek (vorlon) wrote | # |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
On Tue, Jun 25, 2013 at 08:22:28PM -0000, Ted Gould wrote:
> The reason that I think the system event bridge needs to be in the user
> session is so that the bus is connected to as the user, so the usual
> protections there (AppArmor for instance) will be able to monitor that
> connection. I don't think that using the system dbus event bridge is a
> good idea, because it could result in these mechanisms being subverted.
> That doesn't mean I think it couldn't be fixed, but I don't think it
> should block the feature landing because the work around of having two
> event bridges per session will work and isn't that expensive (the event
> bridge is small).
Note that, *if* we have a dbus bridge running at the system level, and there
are system jobs configured to want certain dbus events, these dbus events
will by default leak across the other bridge into the user session as
:sys:dbus events. So if visibility of these events is truly a concern, we
probably need to discuss with the security team how to make this happen.