blob: 021135d566ed4f8d8d332159f634bfae8a90a0f2 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
Introduction
------------
The session broadcast service provides a way for the greeter to communicate
information back to user sessions without requiring special privileges.
In a multi-user system, the greeter is untrusted, and shouldn't directly
connect to a user session.
How it works
------------
The greeter session can send a message to a service that exists on the
system DBus. That messages is then rebroadcast as a signal coming from the
well-known name of the system service. Each user session that is currently
active has a listener for that well known signal and can act on it taking
into account the current settings and user preferences of the session.
Greeter Session User Session
+----------------------------------+ +------------------------------------+
| | | |
| | | |
| +--------------------+ | | +-------------------+ |
| | | | | | | |
| | | | | | | |
| | Greeter | | | | User Agent | |
| | | | | | | |
| | | | | | | |
| +--------------------+ | | +-------------------+ |
| + | | + |
| | | | | |
| | | | | |
+-----------------------------|----+ +-----------|------------------------+
|Sends message | Listens for Signal
| |
+------------------|----------------------------|---------+
| | v |
| System Bus | ^ |
+------------------|-------------------|------------------+
v + Emits Signal
+-----------------------------+
| |
| Session Broadcast |
| |
+-----------------------------+
Security
--------
All active user session receive greeter broadcasted signals. The following
security policies are in place:
* Messages are only accepted from the lightdm user. All other messages
from other folks on the bus are rejected.
* The User session will have configuration options to determine which
events will be acted on. This allows for users to configure their
session with an appropriate security policy (complete privacy,
enterprise or government users, etc.)
* Each message and feature will be well defined without dictionaries or
other extension mechanisms.
|