[Dev] D-Bus upgrade

Jacek Bukarewicz j.bukarewicz at samsung.com
Thu Oct 9 10:47:54 GMT 2014


Hi,

I'm currently working on integration of Cynara with D-Bus. Basically, 
the idea is to extend D-Bus daemon policy language with <check ... 
privilege="name_of_privilege" > tag.
It will allow external policy checkers to be part of D-Bus security 
policy . The biggest advantage from service point of view is its ease of 
integration with Cynara. After this work is finished services will be 
able to simply declare which method calls or signals will be secured by 
Cynara.

Current work is based on version 1.8.2, while the one currently used on 
Tizen images is 1.6.12. Work regarding Cynara actually does not require 
us to upgrade 1.8.x. In fact I've rebased patches locally on top of 
tizen branch and they were applied almost cleanly and is also seems to 
work. On the other hand it might be beneficial for us to use version 
that is closer to the upstream. One interesting change that we might 
make use of is security policy reload for established D-Bus connections. 
Currently, user has to reconnect for the D-Bus policy change to take 
effect. Please note that Cynara policy change will be detected anyway - 
that will be handled transparently by Cynara client library. However 
service upgrade might involve making changes to the D-Bus configuration 
files and these changes won't be detected until reconnection (for 
version 1.6.x).

What do you think about potential upgrade? Do you have any objections to 
do it now? I believe best candidate would be 1.8.8. On 1 October version 
1.9.0 has been released, but it might be too early to use this one.

Best regards,

-- 
Jacek Bukarewicz
Samsung R&D Institute Poland
Samsung Electronics
j.bukarewicz at samsung.com



More information about the Dev mailing list