authenticating users for the control socket
Vincent Danjean
vdanjean.ml at free.fr
Mon Jun 11 16:47:20 UTC 2007
Michael Biebl wrote:
> 2007/6/11, martin f krafft <madduck at debian.org>:
>> 4. provide a setgid proxy which receives data on stdin, connects
>> to the socket, provides the auth info to the daemon, then
>> connects stdin/stdout to the socket passthrough-style.
>>
>> (4) seems like the best solution, but it's not nice. Thus I am
>> wondering if anyone has a better idea.
>>
>> Or do you think letting non-root users control netconf is silly? It
>> does seem somewhat silly, but when you think network-manager and the
>> possibility of having a GUI control netconf from the GNOME panel (or
>> the like), it becomes all the more attractive^W necessary.
>>
>> Comments welcome, cheers,
>
> Why not use D-Bus as IPC for client applications? The python dbus
> binding are very good.
Can D-Bus manage authentification ?
Or perhaps you propose that it exists a setgid proxy that controls the
netconf deamon and that talks to the other application via D-Bus.
Here again, can D-Bus provide security and authentification between
connected applications ? (I do not know D-Bus at all)
Best regards,
Vincent
More information about the netconf-devel
mailing list