Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932898AbbGJOZ2 (ORCPT ); Fri, 10 Jul 2015 10:25:28 -0400 Received: from mondschein.lichtvoll.de ([194.150.191.11]:51631 "EHLO mail.lichtvoll.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754390AbbGJOZV convert rfc822-to-8bit (ORCPT ); Fri, 10 Jul 2015 10:25:21 -0400 From: Martin Steigerwald To: David Herrmann Cc: Stephen Smalley , Greg KH , Daniel Mack , Djalal Harouni , lkml , LSM , Paul Osmialowski , Casey Schaufler , Paul Moore Subject: Re: kdbus: credential faking Date: Fri, 10 Jul 2015 16:25:19 +0200 Message-ID: <1541251.1aWp6z2HsQ@merkaba> User-Agent: KMail/4.14.10 (Linux/4.1.0-tp520-btrfstrim-pstatetrace+; KDE/4.14.2; x86_64; git-3a40aa3; 2015-06-28) In-Reply-To: <2655319.HiHStWqHEi@merkaba> References: <559EBCC0.7040604@tycho.nsa.gov> <2655319.HiHStWqHEi@merkaba> MIME-Version: 1.0 Content-Transfer-Encoding: 8BIT Content-Type: text/plain; charset="utf-8" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2195 Lines: 59 Am Freitag, 10. Juli 2015, 16:20:44 schrieb Martin Steigerwald: > Am Freitag, 10. Juli 2015, 15:43:08 schrieb David Herrmann: > > Hi > > Hi, > > > On Fri, Jul 10, 2015 at 3:25 PM, Stephen Smalley > > > > wrote: > > > On 07/09/2015 06:22 PM, David Herrmann wrote: > > >> To be clear, faking metadata has one use-case, and one use-case only: > > >> dbus1 compatibility > > >> > > >> > > >> > > >> In dbus1, clients connect to a unix-socket placed in the file-system > > >> hierarchy. To avoid breaking ABI for old clients, we support a > > >> unix-kdbus proxy. This proxy is called systemd-bus-proxyd. It is > > >> spawned once for each bus we proxy and simply remarshals messages > > >> from > > >> the client to kdbus and vice versa. > > > > > > > > > > > > Is this truly necessary? Can't the distributions just update the > > > client > > > side libraries to use kdbus if enabled and be done with it? Doesn't > > > this proxy undo many of the benefits of using kdbus in the first > > > place? > > > > > > > > We need binary compatibility to dbus1. There're millions of > > applications and language bindings with dbus1 compiled in, which we > > cannot suddenly break. > > Wow, do I get this right, that this credential faking – I do think that > the last two words are already completely sufficient to show the > insanity of it at least when I apply something to it that is commonly > called common sense, credential *what*? – is just for supporting > something that is broken in userspace already? Ok, I think I now get the dbus-1 userspace probably didn´t need credential faking to provide this functionality of providing seclabels to dbus clients. So it is more: "ok, we have some userspace functionality that we need to be compatible to it, but in order to do this, we need to do something in the kernel that is broken by design" I vote for keeping the functionality inside userspace then. -- Martin -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/