someone who understands SELinux should improve its documentation
Submitted by Simon McVittie
Assigned to D-Bus Maintainers
Description
The dbus-daemon has a GetConnectionSELinuxSecurityContext() method. There are two problems with this method:
-
in Bug #54445 I added a GetConnectionCredentials() call which is meant to return all available credentials, but I don't use SELinux, so I didn't want to add functionality I can't test;
-
the documentation in the D-Bus Specification is extremely vague because I don't know what the right jargon is, or what a sensible example looks like
I would be happy to review a patch that corrected either or both of these.
There is some synergy with Bug #75113 asking for AppArmor support, which also wants to add support for a not-necessarily-UTF-8 credential. In particular, Attachment #97993 (or whatever supersedes it if Tyler changes it) seems like it is likely to be useful here.
https://bugs.freedesktop.org/show_bug.cgi?id=75113#c75 explains why, even though GetConnectionSELinuxSecurityContext returns ['f', 'o', 'o'] if the context is "foo", it would be nicer for the SELinux security context in GetConnectionCredentials to be ['f', 'o', 'o', '\0'].
Version: 1.5