summaryrefslogtreecommitdiffstats
path: root/bus/dbus-daemon-1.1.in
diff options
context:
space:
mode:
authorHavoc Pennington <hp@redhat.com>2003-09-21 19:53:56 +0000
committerHavoc Pennington <hp@redhat.com>2003-09-21 19:53:56 +0000
commita683a80c409cc4f2e57ba6a3e60d52f91b8657d0 (patch)
tree739f2f5f583c987a64b92d007062ae8a6ea9b161 /bus/dbus-daemon-1.1.in
parentdaf8d6579e1ae0ea748810b63180bd5eea2ab9c4 (diff)
2003-09-21 Havoc Pennington <hp@pobox.com>
Get matching rules mostly working in the bus; only actually parsing the rule text remains. However, the client side of "signal connections" hasn't been started, this patch is only the bus side. * dbus/dispatch.c: fix for the matching rules changes * bus/driver.c (bus_driver_handle_remove_match) (bus_driver_handle_add_match): send an ack reply from these method calls * glib/dbus-gproxy.c (dbus_gproxy_begin_call): fix order of arguments, reported by Seth Nickell * bus/config-parser.c (append_rule_from_element): support eavesdrop=true|false attribute on policies so match rules can be prevented from snooping on the system bus. * bus/dbus-daemon-1.1.in: consistently use terminology "sender" and "destination" in attribute names; fix some docs bugs; add eavesdrop=true|false attribute * bus/driver.c (bus_driver_handle_add_match) (bus_driver_handle_remove_match): handle AddMatch, RemoveMatch messages * dbus/dbus-protocol.h (DBUS_SERVICE_ORG_FREEDESKTOP_BROADCAST): get rid of broadcast service concept, signals are just always broadcast * bus/signals.c, bus/dispatch.c, bus/connection.c, bus/bus.c: mostly implement matching rules stuff (currently only exposed as signal connections)
Diffstat (limited to 'bus/dbus-daemon-1.1.in')
-rw-r--r--bus/dbus-daemon-1.1.in49
1 files changed, 32 insertions, 17 deletions
diff --git a/bus/dbus-daemon-1.1.in b/bus/dbus-daemon-1.1.in
index ec915edd..b272a62e 100644
--- a/bus/dbus-daemon-1.1.in
+++ b/bus/dbus-daemon-1.1.in
@@ -328,26 +328,32 @@ in the config file.
.TP
.I "<deny>"
+.I "<allow>"
+
+.PP
+A <deny> element appears below a <policy> element and prohibits some
+action. The <allow> element makes an exception to previous <deny>
+statements, and works just like <deny> but with the inverse meaning.
.PP
-A <deny> element appears below a <policy> element and prohibits
-some action. The possible attributes of a <deny> element are:
+The possible attributes of these elements are:
.nf
send_interface="interface_name"
send_member="method_or_signal_name"
send_error="error_name"
- send_service="service_name"
- send_type="method_call|method_return|signal|error"
+ send_destination="service_name"
+ send_type="method_call" | "method_return" | "signal" | "error"
send_path="/path/name"
receive_interface="interface_name"
receive_member="method_or_signal_name"
receive_error="error_name"
- receive_service="service_name"
- receive_type="method_call|method_return|signal|error"
+ receive_sender="service_name"
+ receive_type="method_call" | "method_return" | "signal" | "error"
receive_path="/path/name"
+
+ eavesdrop="true" | "false"
- receive="messagename"
own="servicename"
user="username"
group="groupname"
@@ -359,8 +365,8 @@ Examples:
<deny send_interface="org.freedesktop.System" send_member="Reboot"/>
<deny receive_interface="org.freedesktop.System" receive_member="Reboot"/>
<deny own="org.freedesktop.System"/>
- <deny send_service="org.freedesktop.System"/>
- <deny receive_service="org.freedesktop.System"/>
+ <deny send_destination="org.freedesktop.System"/>
+ <deny receive_sender="org.freedesktop.System"/>
<deny user="john"/>
<deny group="enemies"/>
.fi
@@ -371,7 +377,7 @@ particular action. If it matches, the action is denied (unless later
rules in the config file allow it).
.PP
-send_service and receive_service rules mean that messages may not be
+send_destination and receive_sender rules mean that messages may not be
sent to or received from the *owner* of the given service, not that
they may not be sent *to that service name*. That is, if a connection
owns services A, B, C, and sending to A is denied, sending to B or C
@@ -382,6 +388,22 @@ The other send_* and receive_* attributes are purely textual/by-value
matches against the given field in the message header.
.PP
+"Eavesdropping" occurs when an application receives a message that
+was explicitly addressed to a service the application does not own.
+Eavesdropping thus only applies to messages that are addressed to
+services (i.e. it does not apply to signals).
+
+.PP
+For <allow>, eavesdrop="true" indicates that the rule matches even
+when eavesdropping. eavesdrop="false" is the default and means that
+the rule only allows messages to go to their specified recipient.
+For <deny>, eavesdrop="true" indicates that the rule matches
+only when eavesdropping. eavesdrop="false" is the default for <deny>
+also, but here it means that the rule applies always, even when
+not eavesdropping. The eavesdrop attribute can only be combined with
+receive rules (with receive_* attributes).
+
+.PP
user and group denials mean that the given user or group may
not connect to the message bus.
@@ -413,13 +435,6 @@ received" are evaluated separately.
Be careful with send_interface/receive_interface, because the
interface field in messages is optional.
-.TP
-.I "<allow>"
-
-.PP
-Makes an exception to previous <deny> statements. Works
-just like <deny> but with the inverse meaning.
-
.SH AUTHOR
See http://www.freedesktop.org/software/dbus/doc/AUTHORS