We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.
Test cases amended accordingly.
- if (a->is_kernel)
- return 0;
- r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
- if (r < 0)
- return r;
+ /* The message came from the kernel, and is sent to our legacy client. */
+ r = sd_bus_creds_get_well_known_names(&m->creds, &names_strv);
+ if (r < 0)
+ return r;
- if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
- return -EPERM;
+/*
+ if (!policy_check_recv(policy, ucred, names_hash, m->header->type, m->path, m->interface, m->member))
+ return -EPERM;
- if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
- return -EPERM;
+ if (!policy_check_send(policy, ucred, names_strv, m->header->type, m->path, m->interface, m->member))
+ return -EPERM;
+*/
+ } else {
+
+
+
+
+ }