For the past half year or so +David Herrmann and I have been working on a new D-Bus implementation. Check out David's blog post to learn more.
We're doing some work upstream for session bus sandboxing. Could you have a look at the proposals in bugs.freedesktop.org - 101354 – Minimal version of restricted, identifiable bus servers for containers (#100344) to make sure we're not landing something you could not also support.20w
+Alexander Larsson will do, thanks!20w
+David Herrmann fwiw it has been packaged for exherbo since a quite early stage too20w
+Alexander Larsson We already have most infrastructure for it in place, it is really just a matter of releasing the spec so we can implement it. Though, I have to admit, I dislike that the bus creates the listener socket, rather than just passing in the file-descriptor from the outside.20w- +David Herrmann We wanted to have that (pass in the fd) but there were issues with it. I don't remember the details though, bring it up in the bug.20w
- +David Herrmann i.e. ideally the socket should be created in the sandbox, never visible on the outside, then passed out to the daemon for listening to.20w
That's the what, third attempt now? YADR (Yet another dbus replacement). ;) It sounds entirely sensible, though :)20w
Add a comment...