1. 28 Jan, 2014 1 commit
  2. 13 Jan, 2014 1 commit
    • Zeeshan Ali's avatar
      service-manager: More secure identification of apps & agents · 764a7e4e
      Zeeshan Ali authored
      We have been using /proc/${PID}/cmdline for identifying apps but that
      can be overwritten by app itself very easily. Instead we look at what
      /proc/${PID}/exe is pointing to. The only way an app/agent can fool
      geoclue now is by overwriting the binary of a whitelisted agent or
      authorized app.
      
      We can make things a lot more secure by only allowing binaries to be in
      privileged directories (e.g /usr/bin and /usr/libexec etc) since then a
      random unprivileged binary can't just overwrite known binaries. However,
      this will break geoclue for developers (think jhbuild). Perhaps we
      should do this but provide an option in conf file to either disable
      these checks or provide the whitelists binary directories?
      
      Thanks to Lennart Poettering for advice.
      764a7e4e
  3. 25 Sep, 2013 1 commit
    • Zeeshan Ali's avatar
      service: Add a ClientInfo class · 5f92b19a
      Zeeshan Ali authored
      This will be used to detect and carry around client info such as:
      
      * Unique bus name
      * Commandline
      * ID of user client is running as
      
      Also it emits 'peer-vanished' signal when the client disapears from bus.
      5f92b19a