But they are allowed to connect to the dbus-daemon and thus system and session bus, right? At least in IVI, that is important because many system services are based on D-Bus.
So once an app is allowed to connect (= has rw access to the D-Bus Unix domain socket), it can send messages to anyone on that bus, including other apps, unless the dbus-daemon as the intermediary does message filtering. [Tomasz] we're currently in the process of releasing this patch: https://review.tizen.org/gerrit/#/c/31310/ As we speak its not available in the daily images due to some issues with signals in some modules (we've rolled back the dbus package release last week), but this is our goal. So no, an app should not own an interface on bus and therefore could not register itself as DBus service => should not receive messages from other apps. Only "User" and "System"-Smack-labeled processes should be allowed to do that (thanks to this: https://review.tizen.org/gerrit/#/c/48040/). System-level services should override this default policy in their own part of DBus xml config. BRs, Tomasz Swierczek _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
