diff options
| author | Simon McVittie <smcv@collabora.com> | 2017-07-19 15:53:17 +0100 |
|---|---|---|
| committer | Simon McVittie <smcv@debian.org> | 2017-07-28 11:24:20 +0100 |
| commit | 7424c3499f1cfafabfca49710e757eb43813f65e (patch) | |
| tree | b4ddb57785ada4a7ec4e4093c918964fcda9d9bf /doc | |
| parent | 2d3f751716c64c3d7997bbcd362df5e4a6b1d63e (diff) | |
| download | dbus-7424c3499f1cfafabfca49710e757eb43813f65e.tar.gz dbus-7424c3499f1cfafabfca49710e757eb43813f65e.tar.bz2 dbus-7424c3499f1cfafabfca49710e757eb43813f65e.zip | |
Add send_broadcast as an attribute of <allow> and <deny> elements
<allow send_broadcast="true" ...> only matches broadcasts,
which are signals with a NULL destination. There was previously
no way for the policy language to express "NULL destination",
only "any destination".
<allow send_broadcast="false" ...> only matches non-broadcasts,
which are non-signals or signals with a non-NULL destination.
There was previously no way for the policy language to express
"any non-NULL destination", only "any destination".
Reviewed-by: Philip Withnall <withnall@endlessm.com>
[smcv: improved documentation as per Philip's review]
Signed-off-by: Simon McVittie <smcv@collabora.com>
Reviewed-by: Thiago Macieira <thiago@kde.org>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=92853
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/dbus-daemon.1.xml.in | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/dbus-daemon.1.xml.in b/doc/dbus-daemon.1.xml.in index cd967c87..067fdcd5 100644 --- a/doc/dbus-daemon.1.xml.in +++ b/doc/dbus-daemon.1.xml.in @@ -842,6 +842,7 @@ statements, and works just like <deny> but with the inverse meaning.</para send_interface="interface_name" | "*" send_member="method_or_signal_name" | "*" send_error="error_name" | "*" + send_broadcast="true" | "false" send_destination="name" | "*" send_type="method_call" | "method_return" | "signal" | "error" | "*" send_path="/path/name" | "*" @@ -915,6 +916,16 @@ will not work either. As a special case, <literal>receive_sender="*"</literal> similarly matches any message.</para> <para> + Rules with <literal>send_broadcast="true"</literal> match signal messages + with no destination (broadcasts). Rules with + <literal>send_broadcast="false"</literal> are the inverse: they match any + unicast destination (unicast signals, together with all method calls, replies + and errors) but do not match messages with no destination (broadcasts). This + is not the same as <literal>send_destination="*"</literal>, which matches any + sent message, regardless of whether it has a destination or not. +</para> + +<para> The other <literal>send_</literal>* and <literal>receive_</literal>* attributes are purely textual/by-value matches against the given field in the message header, except that for the attributes where it is allowed, |