Making kwallet more secure
Michael Leupold
lemma at confuego.org
Sat Aug 23 20:12:40 BST 2008
On Saturday 23 August 2008, Thiago Macieira wrote:
> > - Can I trust the information about the caller that's
> > provided on receiving a message? If so I could use the interfaces to
> > figure out the caller's PID and get more information to present to the
> > user. I could also set ACLs based on the caller's path.
> This is hardly cross platform. The PID is not a guaranteed information on
> D-Bus (it may fail to retrieve the PID and that's not a fatal problem).
> And even with the PID, you have to use non-cross-platform code to get the
> path of the executable.
To my understanding it's not cross-platform because dbus-win uses tcp/ip
instead of named pipes as transport (and that there's some problems leading to
them using that one). Right?
Could you please explain in which circumstances retrieving the PID might not
work? Unfortunately information on it is pretty sparse.
Thanks and regards,
Michael
More information about the kde-core-devel
mailing list