fdo-mirrors/dbus
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/dbus/dbus.git synced 2026-05-01 10:18:08 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
dbus/doc/TODO
Havoc Pennington 777707ed8d 2003-04-13 Havoc Pennington <hp@pobox.com> 
* dbus/dbus-mainloop.c: fix some reentrancy issues by refcounting
	callbacks

	* test/data/valid-config-files/debug-allow-all.conf.in: allow all
	users

	* dbus/dbus-transport.c (_dbus_transport_get_dispatch_status):
	fix to only recover unused bytes if we're already authenticated
	(_dbus_transport_get_is_authenticated): fix to still mark us
	authenticated if there are unused bytes.

	* bus/dispatch.c: implement security policy checking

	* bus/connection.c (bus_transaction_send_from_driver): new

	* bus/bus.c (bus_context_check_security_policy): new

	* bus/dispatch.c (send_service_nonexistent_error): delete this,
	now we just set the DBusError and it gets converted to an error
	reply.

	* bus/connection.c (allow_user_function): enable code using actual
	data from the config file

	* bus/policy.c (list_allows_user): handle wildcard rules for
	user/group connection perms
2003-04-14 02:29:21 +00:00

88 lines
3.7 KiB
Text
Raw Blame History

- Service and message names should be more carefully restricted;
they should have a max length, may not be an empty string,
and perhaps should not be allowed to be a glob such as "*" since
the config file could conveniently use such notation.
Suggest requiring length > 0, length < max,
name contains at least one ".", no initial ".", and valid UTF-8.
That would prohibit plain "*" but not "foo.bar.baz.operator*"
For maximum convenience from all programming languages, we could go
further and just categorically ban nearly all non-alphanumeric
characters.
- Message matching rules (so broadcasts can be filtered) need sorting
out.
- How we will handle DCOP needs sorting out. Among other things, we
need to check that service and service-ownership semantics map to DCOP
reasonably well.
- Activation needs some careful additional thinking-through.
- Recursive/composite/etc. types and associated API, see mailing list.
- Configuration file (working on that now)
- Property list feature on message bus (list of properties associated
with a connection). May also include message matching rules
that involve the properties of the source or destination
connection.
- Implement all the needed resource limits to keep clients from
killing the message bus.
- Automatic service activation, should probably be done through a message flag.
- Disconnecting the remote end on invalid UTF-8 is probably not a good
idea. The definitiion of "valid" is slightly fuzzy. I think it might
be better to just silently "fix" the UTF-8, or perhaps return an error.
Owen says we should only validate the UTF-8 on dbus_message_get_string()
(changing get_string to have an error return, and allowing a type error
as a possible return)
- We might consider returning a "no such operation" error in dbus-connection.c
for unhandled messages.
- Abstract the user database, so you can use something other than the system password
database.
- The convenience functions in dbus-bus.h should perhaps have
the signatures that they would have if they were autogenerated
stubs. e.g. the acquire service function. We should also evaluate
which of these functions to include, in light of the fact that
GLib/Qt native stubs will probably also exist.
- The message handler interface needs rethinking, perhaps handlers should be able
to return an error that automatically gets turned into a message; most likely
some basic spec'ing out of the GLib/Qt level stubs/skels stuff will be
needed to understand the right approach.
- sync up DBusWatch and DBusTimeout so that handle_watch() is a method on DBusWatch
similar to the way timeouts work
- there are various bits of code to manage ref/unref of data slots, that should
be merged into a generic facility
- add _dbus_return_if_fail, _dbus_return_val_if_fail() and use on public entry
points in place of _dbus_assert(). Add --disable-checks to control whether these
do anything.
- assorted _-prefixed symbols in libdbus aren't actually used by
libdbus, only by the message bus. These bloat up the library
size. Not sure how to fix, really.
- dbus_error_has_name(), dbus_message_name_is()
- add DBUS_TYPE_INT64 ?
- if you send a message to a service then block for reply, and the service exits/crashes
after the message bus has processed your message but before the service has replied,
it would be nice if the message bus sent you an error reply.
- We have a limit on the number of messages a connection can send, but
not on how many can be buffered for a given connection.
- make client serial and reply serial unsigned and add dbus_message_get_is_reply()
Reference in a new issue View git blame Copy permalink