diff options
author | Colin Walters <walters@verbum.org> | 2008-12-09 09:17:14 -0500 |
---|---|---|
committer | Colin Walters <walters@verbum.org> | 2008-12-09 09:17:14 -0500 |
commit | e43b917520fd25ea0c5a89a097a3b1036a7765b5 (patch) | |
tree | 613958247f7059d0d3ba15048462503881556f04 /bus | |
parent | 920c3c0292b57b30718dde9f4900790a3b60db1f (diff) | |
parent | 7f0990abc74a3c6aa76211a064b57f081690d340 (diff) |
Merge branch 'manpage'
Diffstat (limited to 'bus')
-rw-r--r-- | bus/dbus-daemon.1.in | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/bus/dbus-daemon.1.in b/bus/dbus-daemon.1.in index 7666f180..94f073b9 100644 --- a/bus/dbus-daemon.1.in +++ b/bus/dbus-daemon.1.in @@ -417,6 +417,18 @@ they are analogous to a firewall in that they allow expected traffic and prevent unexpected traffic. .PP +Currently, the system bus has a default-deny policy for sending method calls +and owning bus names. Everything else, in particular reply messages, receive +checks, and signals has a default allow policy. + +.PP +In general, it is best to keep system services as small, targeted programs which +run in their own process and provide a single bus name. Then, all that is needed +is an <allow> rule for the "own" permission to let the process claim the bus +name, and a "send_destination" rule to allow traffic from some or all uids to +your service. + +.PP The <policy> element has one of three attributes: .nf context="(default|mandatory)" @@ -481,9 +493,7 @@ The possible attributes of these elements are: .PP Examples: .nf - <deny send_interface="org.freedesktop.System" send_member="Reboot"/> - <deny receive_interface="org.freedesktop.System" receive_member="Reboot"/> - <deny own="org.freedesktop.System"/> + <deny send_destination="org.freedesktop.Service" send_interface="org.freedesktop.System" send_member="Reboot"/> <deny send_destination="org.freedesktop.System"/> <deny receive_sender="org.freedesktop.System"/> <deny user="john"/> |