1 /* -*- mode: C; c-file-style: "gnu" -*- */
2 /* policy.c Bus security policy
4 * Copyright (C) 2003, 2004 Red Hat, Inc.
5 * Portion Copyright © 2008 Nokia Corporation and/or its subsidiary(-ies). All rights reserved.
6 * Licensed under the Academic Free License version 2.1
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 2 of the License, or
11 * (at your option) any later version.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program; if not, write to the Free Software
20 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
29 #include <dbus/dbus-list.h>
30 #include <dbus/dbus-hash.h>
31 #include <dbus/dbus-internals.h>
33 #include "dbus-list.h"
34 #include "dbus-hash.h"
35 #include "dbus-internals.h"
36 #endif //__SYMBIAN32__
39 bus_policy_rule_new (BusPolicyRuleType type,
44 rule = dbus_new0 (BusPolicyRule, 1);
54 case BUS_POLICY_RULE_USER:
55 rule->d.user.uid = DBUS_UID_UNSET;
57 case BUS_POLICY_RULE_GROUP:
58 rule->d.group.gid = DBUS_GID_UNSET;
60 case BUS_POLICY_RULE_SEND:
61 rule->d.send.message_type = DBUS_MESSAGE_TYPE_INVALID;
63 /* allow rules default to TRUE (only requested replies allowed)
64 * deny rules default to FALSE (only unrequested replies denied)
66 rule->d.send.requested_reply = rule->allow;
68 case BUS_POLICY_RULE_RECEIVE:
69 rule->d.receive.message_type = DBUS_MESSAGE_TYPE_INVALID;
70 /* allow rules default to TRUE (only requested replies allowed)
71 * deny rules default to FALSE (only unrequested replies denied)
73 rule->d.receive.requested_reply = rule->allow;
75 case BUS_POLICY_RULE_OWN:
83 bus_policy_rule_ref (BusPolicyRule *rule)
85 _dbus_assert (rule->refcount > 0);
93 bus_policy_rule_unref (BusPolicyRule *rule)
95 _dbus_assert (rule->refcount > 0);
99 if (rule->refcount == 0)
103 case BUS_POLICY_RULE_SEND:
104 dbus_free (rule->d.send.path);
105 dbus_free (rule->d.send.interface);
106 dbus_free (rule->d.send.member);
107 dbus_free (rule->d.send.error);
108 dbus_free (rule->d.send.destination);
110 case BUS_POLICY_RULE_RECEIVE:
111 dbus_free (rule->d.receive.path);
112 dbus_free (rule->d.receive.interface);
113 dbus_free (rule->d.receive.member);
114 dbus_free (rule->d.receive.error);
115 dbus_free (rule->d.receive.origin);
117 case BUS_POLICY_RULE_OWN:
118 dbus_free (rule->d.own.service_name);
120 case BUS_POLICY_RULE_USER:
122 case BUS_POLICY_RULE_GROUP:
134 DBusList *default_rules; /**< Default policy rules */
135 DBusList *mandatory_rules; /**< Mandatory policy rules */
136 DBusHashTable *rules_by_uid; /**< per-UID policy rules */
137 DBusHashTable *rules_by_gid; /**< per-GID policy rules */
138 DBusList *at_console_true_rules; /**< console user policy rules where at_console="true"*/
139 DBusList *at_console_false_rules; /**< console user policy rules where at_console="false"*/
143 free_rule_func (void *data,
146 BusPolicyRule *rule = data;
148 bus_policy_rule_unref (rule);
152 free_rule_list_func (void *data)
154 DBusList **list = data;
156 if (list == NULL) /* DBusHashTable is on crack */
159 _dbus_list_foreach (list, free_rule_func, NULL);
161 _dbus_list_clear (list);
167 bus_policy_new (void)
171 policy = dbus_new0 (BusPolicy, 1);
175 policy->refcount = 1;
177 policy->rules_by_uid = _dbus_hash_table_new (DBUS_HASH_ULONG,
179 free_rule_list_func);
180 if (policy->rules_by_uid == NULL)
183 policy->rules_by_gid = _dbus_hash_table_new (DBUS_HASH_ULONG,
185 free_rule_list_func);
186 if (policy->rules_by_gid == NULL)
192 bus_policy_unref (policy);
197 bus_policy_ref (BusPolicy *policy)
199 _dbus_assert (policy->refcount > 0);
201 policy->refcount += 1;
207 bus_policy_unref (BusPolicy *policy)
209 _dbus_assert (policy->refcount > 0);
211 policy->refcount -= 1;
213 if (policy->refcount == 0)
215 _dbus_list_foreach (&policy->default_rules, free_rule_func, NULL);
216 _dbus_list_clear (&policy->default_rules);
218 _dbus_list_foreach (&policy->mandatory_rules, free_rule_func, NULL);
219 _dbus_list_clear (&policy->mandatory_rules);
221 _dbus_list_foreach (&policy->at_console_true_rules, free_rule_func, NULL);
222 _dbus_list_clear (&policy->at_console_true_rules);
224 _dbus_list_foreach (&policy->at_console_false_rules, free_rule_func, NULL);
225 _dbus_list_clear (&policy->at_console_false_rules);
227 if (policy->rules_by_uid)
229 _dbus_hash_table_unref (policy->rules_by_uid);
230 policy->rules_by_uid = NULL;
233 if (policy->rules_by_gid)
235 _dbus_hash_table_unref (policy->rules_by_gid);
236 policy->rules_by_gid = NULL;
244 add_list_to_client (DBusList **list,
245 BusClientPolicy *client)
249 link = _dbus_list_get_first_link (list);
252 BusPolicyRule *rule = link->data;
253 link = _dbus_list_get_next_link (list, link);
257 case BUS_POLICY_RULE_USER:
258 case BUS_POLICY_RULE_GROUP:
259 /* These aren't per-connection policies */
262 case BUS_POLICY_RULE_OWN:
263 case BUS_POLICY_RULE_SEND:
264 case BUS_POLICY_RULE_RECEIVE:
265 /* These are per-connection */
266 if (!bus_client_policy_append_rule (client, rule))
276 bus_policy_create_client_policy (BusPolicy *policy,
277 DBusConnection *connection,
280 BusClientPolicy *client;
282 dbus_bool_t at_console;
284 _dbus_assert (dbus_connection_get_is_authenticated (connection));
285 _DBUS_ASSERT_ERROR_IS_CLEAR (error);
287 client = bus_client_policy_new ();
291 if (!add_list_to_client (&policy->default_rules,
295 /* we avoid the overhead of looking up user's groups
296 * if we don't have any group rules anyway
298 if (_dbus_hash_table_get_n_entries (policy->rules_by_gid) > 0)
300 unsigned long *groups;
304 if (!bus_connection_get_groups (connection, &groups, &n_groups, error))
312 list = _dbus_hash_table_lookup_ulong (policy->rules_by_gid,
317 if (!add_list_to_client (list, client))
330 if (!dbus_connection_get_unix_user (connection, &uid))
332 dbus_set_error (error, DBUS_ERROR_FAILED,
333 "No user ID known for connection, cannot determine security policy\n");
337 if (_dbus_hash_table_get_n_entries (policy->rules_by_uid) > 0)
341 list = _dbus_hash_table_lookup_ulong (policy->rules_by_uid,
346 if (!add_list_to_client (list, client))
351 /* Add console rules */
352 at_console = _dbus_is_console_user (uid, error);
356 if (!add_list_to_client (&policy->at_console_true_rules, client))
359 else if (dbus_error_is_set (error) == TRUE)
363 else if (!add_list_to_client (&policy->at_console_false_rules, client))
368 if (!add_list_to_client (&policy->mandatory_rules,
372 bus_client_policy_optimize (client);
379 _DBUS_ASSERT_ERROR_IS_SET (error);
381 bus_client_policy_unref (client);
386 list_allows_user (dbus_bool_t def,
389 const unsigned long *group_ids,
397 link = _dbus_list_get_first_link (list);
400 BusPolicyRule *rule = link->data;
401 link = _dbus_list_get_next_link (list, link);
403 if (rule->type == BUS_POLICY_RULE_USER)
405 _dbus_verbose ("List %p user rule uid="DBUS_UID_FORMAT"\n",
406 list, rule->d.user.uid);
408 if (rule->d.user.uid == DBUS_UID_UNSET)
410 else if (rule->d.user.uid != uid)
413 else if (rule->type == BUS_POLICY_RULE_GROUP)
415 _dbus_verbose ("List %p group rule uid="DBUS_UID_FORMAT"\n",
416 list, rule->d.user.uid);
418 if (rule->d.group.gid == DBUS_GID_UNSET)
425 while (i < n_group_ids)
427 if (rule->d.group.gid == group_ids[i])
432 if (i == n_group_ids)
439 allowed = rule->allow;
446 bus_policy_allow_user (BusPolicy *policy,
447 DBusUserDatabase *user_database,
451 unsigned long *group_ids;
454 /* On OOM or error we always reject the user */
455 if (!_dbus_user_database_get_groups (user_database,
456 uid, &group_ids, &n_group_ids, NULL))
458 _dbus_verbose ("Did not get any groups for UID %lu\n",
463 /* Default to "user owning bus" or root can connect */
464 allowed = uid == _dbus_getuid ();
466 allowed = list_allows_user (allowed,
467 &policy->default_rules,
469 group_ids, n_group_ids);
471 allowed = list_allows_user (allowed,
472 &policy->mandatory_rules,
474 group_ids, n_group_ids);
476 dbus_free (group_ids);
478 _dbus_verbose ("UID %lu allowed = %d\n", uid, allowed);
484 bus_policy_append_default_rule (BusPolicy *policy,
487 if (!_dbus_list_append (&policy->default_rules, rule))
490 bus_policy_rule_ref (rule);
496 bus_policy_append_mandatory_rule (BusPolicy *policy,
499 if (!_dbus_list_append (&policy->mandatory_rules, rule))
502 bus_policy_rule_ref (rule);
510 get_list (DBusHashTable *hash,
515 list = _dbus_hash_table_lookup_ulong (hash, key);
519 list = dbus_new0 (DBusList*, 1);
523 if (!_dbus_hash_table_insert_ulong (hash, key, list))
534 bus_policy_append_user_rule (BusPolicy *policy,
540 list = get_list (policy->rules_by_uid, uid);
545 if (!_dbus_list_append (list, rule))
548 bus_policy_rule_ref (rule);
554 bus_policy_append_group_rule (BusPolicy *policy,
560 list = get_list (policy->rules_by_gid, gid);
565 if (!_dbus_list_append (list, rule))
568 bus_policy_rule_ref (rule);
574 bus_policy_append_console_rule (BusPolicy *policy,
575 dbus_bool_t at_console,
580 if (!_dbus_list_append (&policy->at_console_true_rules, rule))
585 if (!_dbus_list_append (&policy->at_console_false_rules, rule))
589 bus_policy_rule_ref (rule);
596 append_copy_of_policy_list (DBusList **list,
597 DBusList **to_append)
604 /* Preallocate all our links */
605 link = _dbus_list_get_first_link (to_append);
608 if (!_dbus_list_append (&tmp_list, link->data))
610 _dbus_list_clear (&tmp_list);
614 link = _dbus_list_get_next_link (to_append, link);
617 /* Now append them */
618 while ((link = _dbus_list_pop_first_link (&tmp_list)))
620 bus_policy_rule_ref (link->data);
621 _dbus_list_append_link (list, link);
628 merge_id_hash (DBusHashTable *dest,
629 DBusHashTable *to_absorb)
633 _dbus_hash_iter_init (to_absorb, &iter);
634 while (_dbus_hash_iter_next (&iter))
636 unsigned long id = _dbus_hash_iter_get_ulong_key (&iter);
637 DBusList **list = _dbus_hash_iter_get_value (&iter);
638 DBusList **target = get_list (dest, id);
643 if (!append_copy_of_policy_list (target, list))
651 bus_policy_merge (BusPolicy *policy,
652 BusPolicy *to_absorb)
654 /* FIXME Not properly atomic, but as used for configuration files we
655 * don't rely on it quite so much.
658 if (!append_copy_of_policy_list (&policy->default_rules,
659 &to_absorb->default_rules))
662 if (!append_copy_of_policy_list (&policy->mandatory_rules,
663 &to_absorb->mandatory_rules))
666 if (!append_copy_of_policy_list (&policy->at_console_true_rules,
667 &to_absorb->at_console_true_rules))
670 if (!append_copy_of_policy_list (&policy->at_console_false_rules,
671 &to_absorb->at_console_false_rules))
674 if (!merge_id_hash (policy->rules_by_uid,
675 to_absorb->rules_by_uid))
678 if (!merge_id_hash (policy->rules_by_gid,
679 to_absorb->rules_by_gid))
685 struct BusClientPolicy
693 bus_client_policy_new (void)
695 BusClientPolicy *policy;
697 policy = dbus_new0 (BusClientPolicy, 1);
701 policy->refcount = 1;
707 bus_client_policy_ref (BusClientPolicy *policy)
709 _dbus_assert (policy->refcount > 0);
711 policy->refcount += 1;
717 rule_unref_foreach (void *data,
720 BusPolicyRule *rule = data;
722 bus_policy_rule_unref (rule);
726 bus_client_policy_unref (BusClientPolicy *policy)
728 _dbus_assert (policy->refcount > 0);
730 policy->refcount -= 1;
732 if (policy->refcount == 0)
734 _dbus_list_foreach (&policy->rules,
738 _dbus_list_clear (&policy->rules);
745 remove_rules_by_type_up_to (BusClientPolicy *policy,
746 BusPolicyRuleType type,
751 link = _dbus_list_get_first_link (&policy->rules);
752 while (link != up_to)
754 BusPolicyRule *rule = link->data;
755 DBusList *next = _dbus_list_get_next_link (&policy->rules, link);
757 if (rule->type == type)
759 _dbus_list_remove_link (&policy->rules, link);
760 bus_policy_rule_unref (rule);
768 bus_client_policy_optimize (BusClientPolicy *policy)
772 /* The idea here is that if we have:
774 * <allow send_interface="foo.bar"/>
775 * <deny send_interface="*"/>
777 * (for example) the deny will always override the allow. So we
778 * delete the allow. Ditto for deny followed by allow, etc. This is
779 * a dumb thing to put in a config file, but the <include> feature
780 * of files allows for an "inheritance and override" pattern where
781 * it could make sense. If an included file wants to "start over"
782 * with a blanket deny, no point keeping the rules from the parent
786 _dbus_verbose ("Optimizing policy with %d rules\n",
787 _dbus_list_get_length (&policy->rules));
789 link = _dbus_list_get_first_link (&policy->rules);
794 dbus_bool_t remove_preceding;
796 next = _dbus_list_get_next_link (&policy->rules, link);
799 remove_preceding = FALSE;
801 _dbus_assert (rule != NULL);
805 case BUS_POLICY_RULE_SEND:
807 rule->d.send.message_type == DBUS_MESSAGE_TYPE_INVALID &&
808 rule->d.send.path == NULL &&
809 rule->d.send.interface == NULL &&
810 rule->d.send.member == NULL &&
811 rule->d.send.error == NULL &&
812 rule->d.send.destination == NULL;
814 case BUS_POLICY_RULE_RECEIVE:
816 rule->d.receive.message_type == DBUS_MESSAGE_TYPE_INVALID &&
817 rule->d.receive.path == NULL &&
818 rule->d.receive.interface == NULL &&
819 rule->d.receive.member == NULL &&
820 rule->d.receive.error == NULL &&
821 rule->d.receive.origin == NULL;
823 case BUS_POLICY_RULE_OWN:
825 rule->d.own.service_name == NULL;
827 case BUS_POLICY_RULE_USER:
828 case BUS_POLICY_RULE_GROUP:
829 _dbus_assert_not_reached ("invalid rule");
833 if (remove_preceding)
834 remove_rules_by_type_up_to (policy, rule->type,
840 _dbus_verbose ("After optimization, policy has %d rules\n",
841 _dbus_list_get_length (&policy->rules));
845 bus_client_policy_append_rule (BusClientPolicy *policy,
848 _dbus_verbose ("Appending rule %p with type %d to policy %p\n",
849 rule, rule->type, policy);
851 if (!_dbus_list_append (&policy->rules, rule))
854 bus_policy_rule_ref (rule);
860 bus_client_policy_check_can_send (BusClientPolicy *policy,
861 BusRegistry *registry,
862 dbus_bool_t requested_reply,
863 DBusConnection *receiver,
864 DBusMessage *message)
869 /* policy->rules is in the order the rules appeared
870 * in the config file, i.e. last rule that applies wins
873 _dbus_verbose (" (policy) checking send rules\n");
876 link = _dbus_list_get_first_link (&policy->rules);
879 BusPolicyRule *rule = link->data;
881 link = _dbus_list_get_next_link (&policy->rules, link);
883 /* Rule is skipped if it specifies a different
884 * message name from the message, or a different
885 * destination from the message
888 if (rule->type != BUS_POLICY_RULE_SEND)
890 _dbus_verbose (" (policy) skipping non-send rule\n");
894 if (rule->d.send.message_type != DBUS_MESSAGE_TYPE_INVALID)
896 if (dbus_message_get_type (message) != rule->d.send.message_type)
898 _dbus_verbose (" (policy) skipping rule for different message type\n");
903 /* If it's a reply, the requested_reply flag kicks in */
904 if (dbus_message_get_reply_serial (message) != 0)
906 /* for allow, requested_reply=true means the rule applies
907 * only when reply was requested. requested_reply=false means
910 if (!requested_reply && rule->allow && rule->d.send.requested_reply)
912 _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies\n");
916 /* for deny, requested_reply=false means the rule applies only
917 * when the reply was not requested. requested_reply=true means the
918 * rule always applies.
920 if (requested_reply && !rule->allow && !rule->d.send.requested_reply)
922 _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n");
927 if (rule->d.send.path != NULL)
929 if (dbus_message_get_path (message) != NULL &&
930 strcmp (dbus_message_get_path (message),
931 rule->d.send.path) != 0)
933 _dbus_verbose (" (policy) skipping rule for different path\n");
938 if (rule->d.send.interface != NULL)
940 if (dbus_message_get_interface (message) != NULL &&
941 strcmp (dbus_message_get_interface (message),
942 rule->d.send.interface) != 0)
944 _dbus_verbose (" (policy) skipping rule for different interface\n");
949 if (rule->d.send.member != NULL)
951 if (dbus_message_get_member (message) != NULL &&
952 strcmp (dbus_message_get_member (message),
953 rule->d.send.member) != 0)
955 _dbus_verbose (" (policy) skipping rule for different member\n");
960 if (rule->d.send.error != NULL)
962 if (dbus_message_get_error_name (message) != NULL &&
963 strcmp (dbus_message_get_error_name (message),
964 rule->d.send.error) != 0)
966 _dbus_verbose (" (policy) skipping rule for different error name\n");
971 if (rule->d.send.destination != NULL)
973 /* receiver can be NULL for messages that are sent to the
974 * message bus itself, we check the strings in that case as
975 * built-in services don't have a DBusConnection but messages
976 * to them have a destination service name.
978 if (receiver == NULL)
980 if (!dbus_message_has_destination (message,
981 rule->d.send.destination))
983 _dbus_verbose (" (policy) skipping rule because message dest is not %s\n",
984 rule->d.send.destination);
993 _dbus_string_init_const (&str, rule->d.send.destination);
995 service = bus_registry_lookup (registry, &str);
998 _dbus_verbose (" (policy) skipping rule because dest %s doesn't exist\n",
999 rule->d.send.destination);
1003 if (!bus_service_has_owner (service, receiver))
1005 _dbus_verbose (" (policy) skipping rule because dest %s isn't owned by receiver\n",
1006 rule->d.send.destination);
1013 allowed = rule->allow;
1015 _dbus_verbose (" (policy) used rule, allow now = %d\n",
1022 /* See docs on what the args mean on bus_context_check_security_policy()
1026 bus_client_policy_check_can_receive (BusClientPolicy *policy,
1027 BusRegistry *registry,
1028 dbus_bool_t requested_reply,
1029 DBusConnection *sender,
1030 DBusConnection *addressed_recipient,
1031 DBusConnection *proposed_recipient,
1032 DBusMessage *message)
1035 dbus_bool_t allowed;
1036 dbus_bool_t eavesdropping;
1039 addressed_recipient != proposed_recipient &&
1040 dbus_message_get_destination (message) != NULL;
1042 /* policy->rules is in the order the rules appeared
1043 * in the config file, i.e. last rule that applies wins
1046 _dbus_verbose (" (policy) checking receive rules, eavesdropping = %d\n", eavesdropping);
1049 link = _dbus_list_get_first_link (&policy->rules);
1050 while (link != NULL)
1052 BusPolicyRule *rule = link->data;
1054 link = _dbus_list_get_next_link (&policy->rules, link);
1056 if (rule->type != BUS_POLICY_RULE_RECEIVE)
1058 _dbus_verbose (" (policy) skipping non-receive rule\n");
1062 if (rule->d.receive.message_type != DBUS_MESSAGE_TYPE_INVALID)
1064 if (dbus_message_get_type (message) != rule->d.receive.message_type)
1066 _dbus_verbose (" (policy) skipping rule for different message type\n");
1071 /* for allow, eavesdrop=false means the rule doesn't apply when
1072 * eavesdropping. eavesdrop=true means always allow.
1074 if (eavesdropping && rule->allow && !rule->d.receive.eavesdrop)
1076 _dbus_verbose (" (policy) skipping allow rule since it doesn't apply to eavesdropping\n");
1080 /* for deny, eavesdrop=true means the rule applies only when
1081 * eavesdropping; eavesdrop=false means always deny.
1083 if (!eavesdropping && !rule->allow && rule->d.receive.eavesdrop)
1085 _dbus_verbose (" (policy) skipping deny rule since it only applies to eavesdropping\n");
1089 /* If it's a reply, the requested_reply flag kicks in */
1090 if (dbus_message_get_reply_serial (message) != 0)
1092 /* for allow, requested_reply=true means the rule applies
1093 * only when reply was requested. requested_reply=false means
1096 if (!requested_reply && rule->allow && rule->d.receive.requested_reply)
1098 _dbus_verbose (" (policy) skipping allow rule since it only applies to requested replies\n");
1102 /* for deny, requested_reply=false means the rule applies only
1103 * when the reply was not requested. requested_reply=true means the
1104 * rule always applies.
1106 if (requested_reply && !rule->allow && !rule->d.receive.requested_reply)
1108 _dbus_verbose (" (policy) skipping deny rule since it only applies to unrequested replies\n");
1113 if (rule->d.receive.path != NULL)
1115 if (dbus_message_get_path (message) != NULL &&
1116 strcmp (dbus_message_get_path (message),
1117 rule->d.receive.path) != 0)
1119 _dbus_verbose (" (policy) skipping rule for different path\n");
1124 if (rule->d.receive.interface != NULL)
1126 if (dbus_message_get_interface (message) != NULL &&
1127 strcmp (dbus_message_get_interface (message),
1128 rule->d.receive.interface) != 0)
1130 _dbus_verbose (" (policy) skipping rule for different interface\n");
1135 if (rule->d.receive.member != NULL)
1137 if (dbus_message_get_member (message) != NULL &&
1138 strcmp (dbus_message_get_member (message),
1139 rule->d.receive.member) != 0)
1141 _dbus_verbose (" (policy) skipping rule for different member\n");
1146 if (rule->d.receive.error != NULL)
1148 if (dbus_message_get_error_name (message) != NULL &&
1149 strcmp (dbus_message_get_error_name (message),
1150 rule->d.receive.error) != 0)
1152 _dbus_verbose (" (policy) skipping rule for different error name\n");
1157 if (rule->d.receive.origin != NULL)
1159 /* sender can be NULL for messages that originate from the
1160 * message bus itself, we check the strings in that case as
1161 * built-in services don't have a DBusConnection but will
1162 * still set the sender on their messages.
1166 if (!dbus_message_has_sender (message,
1167 rule->d.receive.origin))
1169 _dbus_verbose (" (policy) skipping rule because message sender is not %s\n",
1170 rule->d.receive.origin);
1176 BusService *service;
1179 _dbus_string_init_const (&str, rule->d.receive.origin);
1181 service = bus_registry_lookup (registry, &str);
1183 if (service == NULL)
1185 _dbus_verbose (" (policy) skipping rule because origin %s doesn't exist\n",
1186 rule->d.receive.origin);
1190 if (!bus_service_has_owner (service, sender))
1192 _dbus_verbose (" (policy) skipping rule because origin %s isn't owned by sender\n",
1193 rule->d.receive.origin);
1200 allowed = rule->allow;
1202 _dbus_verbose (" (policy) used rule, allow now = %d\n",
1210 bus_client_policy_check_can_own (BusClientPolicy *policy,
1211 DBusConnection *connection,
1212 const DBusString *service_name)
1215 dbus_bool_t allowed;
1217 /* policy->rules is in the order the rules appeared
1218 * in the config file, i.e. last rule that applies wins
1222 link = _dbus_list_get_first_link (&policy->rules);
1223 while (link != NULL)
1225 BusPolicyRule *rule = link->data;
1227 link = _dbus_list_get_next_link (&policy->rules, link);
1229 /* Rule is skipped if it specifies a different service name from
1233 if (rule->type != BUS_POLICY_RULE_OWN)
1236 if (rule->d.own.service_name != NULL)
1238 if (!_dbus_string_equal_c_str (service_name,
1239 rule->d.own.service_name))
1244 allowed = rule->allow;
1250 #ifdef DBUS_BUILD_TESTS
1253 bus_policy_test (const DBusString *test_data_dir)
1255 /* This doesn't do anything for now because I decided to do it in
1256 * dispatch.c instead by having some of the clients in dispatch.c
1257 * have particular policies applied to them.
1263 #endif /* DBUS_BUILD_TESTS */