From 1af5d0f8f959bd7657a198e0cf215fa567f2c18a Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 15 Jan 2018 20:05:05 +0000 Subject: [PATCH 10/11] sysdeps: Document what _dbus_credentials_new_from_current_process has It only has the most important credentials, not the full set. Signed-off-by: Simon McVittie --- dbus/dbus-credentials.c | 2 +- dbus/dbus-sysdeps-unix.c | 10 ++++++++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/dbus/dbus-credentials.c b/dbus/dbus-credentials.c index dfd4522b..9b6dcde2 100644 --- a/dbus/dbus-credentials.c +++ b/dbus/dbus-credentials.c @@ -93,7 +93,7 @@ _dbus_credentials_new (void) } /** - * Creates a new object with credentials (user ID and process ID) from the current process. + * Creates a new object with the most important credentials (user ID and process ID) from the current process. * @returns the new object or #NULL if no memory */ DBusCredentials* diff --git a/dbus/dbus-sysdeps-unix.c b/dbus/dbus-sysdeps-unix.c index 0f1a16db..40d32714 100644 --- a/dbus/dbus-sysdeps-unix.c +++ b/dbus/dbus-sysdeps-unix.c @@ -2743,8 +2743,14 @@ _dbus_user_info_fill_uid (DBusUserInfo *info, } /** - * Adds the credentials of the current process to the - * passed-in credentials object. + * Adds the most important credentials of the current process + * (the uid and pid) to the passed-in credentials object. + * + * The group vector is not included because it is rarely needed. + * The Linux security label is not included because it is rarely + * needed, it requires reading /proc, and the LSM API doesn't actually + * guarantee that the string seen in /proc is comparable to the strings + * found in SO_PEERSEC results. * * @param credentials credentials to add to * @returns #FALSE if no memory; does not properly roll back on failure, so only some credentials may have been added -- 2.15.1