Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

interface: Allow access to org.freedesktop.DBus.ListActivatableNames via system-observe interface #12222

Merged
merged 1 commit into from
Oct 23, 2022
Merged

interface: Allow access to org.freedesktop.DBus.ListActivatableNames via system-observe interface #12222

merged 1 commit into from
Oct 23, 2022

Conversation

robert-ancell
Copy link
Contributor

org.freedesktop.DBus.ListNames is already allowed, and this is a related method.

@robert-ancell
interface: Allow access to org.freedesktop.DBus.ListActivatableNames …
c0f6e7a 
…via system-observe interface

org.freedesktop.DBus.ListNames is already allowed, and this is a related method.
@robert-ancell
Copy link
Contributor Author

This is requested specifically for gnome-shell, which is using both these method calls in the desktop icons extension. The ListNames succeeds, and the ListActivatableNames hits an exception due to the request being denied.

@robert-ancell robert-ancell mentioned this pull request Oct 4, 2022
Merged
jhenstridge
jhenstridge approved these changes Oct 4, 2022
View reviewed changes
Copy link
Contributor

@jhenstridge jhenstridge left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems like a reasonable addition. The names listed by ListActivatableNames but not in ListNames are still available to accept method calls.

While the interface description is "allows observing all processes and drivers", it doesn't seem like a stretch to include this permission in the interface.

mardy
mardy approved these changes Oct 4, 2022
View reviewed changes
Copy link
Contributor

@mardy mardy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Makes sense for me as well, thanks. I'm still adding the security team just to err on the safe side.

@mardy mardy added the Needs security review Can only be merged once security gave a :+1: label Oct 4, 2022
alexmurray
alexmurray approved these changes Oct 6, 2022
View reviewed changes
Copy link
Contributor

@alexmurray alexmurray left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@alexmurray alexmurray removed the Needs security review Can only be merged once security gave a :+1: label Oct 6, 2022
@mvo5 mvo5 added the Skip spread Indicate that spread job should not run label Oct 11, 2022
@mvo5 mvo5 merged commit f091a6b into canonical:master Oct 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@alexmurray alexmurray alexmurray approved these changes

@mardy mardy mardy approved these changes

@jhenstridge jhenstridge jhenstridge approved these changes

Assignees
No one assigned
Labels
Skip spread Indicate that spread job should not run
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@robert-ancell @alexmurray @mardy @jhenstridge @mvo5