hud should use APP_ID and libnih to generate the DBus path
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
hud (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge | ||
Saucy |
Fix Released
|
High
|
Jamie Strandboge |
Bug Description
We discussed DBus APIs in relation to application confinement in various places and decided that services that require DBus mediation, click packaging and apparmor should all agree on how to derive an application-
$pkgname_
and this is derived from the click manifest. Eg:
com.ubuntu.
Application lifecycle will export the APP_ID to the environment. The click-apparmor hook creates the @{APP_ID_DBUS} variable in apparmor policy for use in dbus rules. click-apparmor uses nih_dbus_path() from libnih-dbus to generate the @{APP_ID_DBUS}. Eg, for com.ubuntu.
@{APP_
This allows us to have rules like this in apparmor policy:
dbus (send)
bus=session
path=
However, the HUD is generating a different value for its path, as seen in this dbus apparmor denial:
dbus[3390]: apparmor="DENIED" operation=
We need the hud and apparmor to agree, otherwise we have to use policy that's much too lenient where malicious applications can interfere with other apps. Please adjust the hud to use libnih-dbus. Attached is a test C program to demonstrate how to do this.
Related branches
- Ted Gould (community): Approve
- PS Jenkins bot (community): Approve (continuous-integration)
-
Diff: 100 lines (+23/-11)4 files modifiedCMakeLists.txt (+9/-0)
debian/control (+2/-1)
src/CMakeLists.txt (+2/-0)
src/application-source.c (+10/-10)
tags: | added: patch |
Changed in hud (Ubuntu Saucy): | |
status: | Triaged → In Progress |
Changed in hud (Ubuntu Saucy): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
description: | updated |
Here is a debdiff to achieve this. I've tested it locally and it seems to work well.