From owner-freebsd-hackers@freebsd.org  Thu Mar 10 12:04:35 2016
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 160C6AC9478
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Thu, 10 Mar 2016 12:04:35 +0000 (UTC)
 (envelope-from nonesuch@longcount.org)
Received: from mail-qg0-x229.google.com (mail-qg0-x229.google.com
 [IPv6:2607:f8b0:400d:c04::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id CC84D299
 for <freebsd-hackers@freebsd.org>; Thu, 10 Mar 2016 12:04:34 +0000 (UTC)
 (envelope-from nonesuch@longcount.org)
Received: by mail-qg0-x229.google.com with SMTP id u110so67985109qge.3
 for <freebsd-hackers@freebsd.org>; Thu, 10 Mar 2016 04:04:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=longcount-org.20150623.gappssmtp.com; s=20150623;
 h=mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=MXfokCsh6/A17G6dPzznJxDCSgtiWJ8d80EQPJZ62Dc=;
 b=O9EA0o+ucfQD59QaYXHcf3UmOXID89RVbA5rtPn0TheAB+Y6NlF7eW4+8utku8/Olc
 nFRJf5a5TUxizGxaZY0DL21CVRd5H+qAl2or+SCp4rFHKzdhBObYuYCakKZD2lf5iJNf
 Ue8BCFHh8NKqXjsOqcl0vtaCLcnW6fawO12OKpH4w9Ld/qxaljzP6e6Nolx2GZJZkzc5
 0P1jf2yjjc5LEQQzr73tR/W4o1ULq+Kw0z3e57Ap4lmiUTb6gU3VB4Y3DB+hhLLT6hSq
 bwJmxkVqjR7rfUGzH2bo2nVNu0aPNVA580mI8swV0M2Mpj+Ha0HD4kxFNaHz7VqweQS9
 QgCQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
 :content-transfer-encoding:message-id:references:to;
 bh=MXfokCsh6/A17G6dPzznJxDCSgtiWJ8d80EQPJZ62Dc=;
 b=L6HFYX6aMUWOg8jJ3Pl12/iI0uxdvaGPNi6JuwABjUnz4hPQUL+Bz8Emmc6S1BkDQ2
 9Ur4Z31JhuCoNM5Vh6YSEpTXzxuge01+UeT3i6Iz0Zvrb+KLeth+Y4ylqNc9lttOScrV
 PKiIAfLlQLWHIE2XrJVbVArzmlwHjs9c0ZUUL6UwaVFf6iu+1qTVWyCfEWNZUOAxOV6q
 CRzqFTJv2YLXO6BWojTXENzcFOKdLqU7kB5qZDSCfA/SE8GjiCUo1vAL/O8FLgGkm2hz
 MzgCqeZPdhm43t8Szbqblx+s/SNxNBlkrf/Z4FdtK1mI+qN1D/1t5nEX+5Izu2utogER
 bdyg==
X-Gm-Message-State: AD7BkJKFp/5XvcUEMYLZR8y18etxseLzShlXlRsGry3LwRuXpbDRGyQwzhqO2oCrKlQZhg==
X-Received: by 10.140.101.147 with SMTP id u19mr3542990qge.71.1457611473667;
 Thu, 10 Mar 2016 04:04:33 -0800 (PST)
Received: from [192.168.1.51] (ool-4351f633.dyn.optonline.net. [67.81.246.51])
 by smtp.gmail.com with ESMTPSA id
 r18sm1523740qkl.24.2016.03.10.04.04.33
 (version=TLSv1/SSLv3 cipher=OTHER);
 Thu, 10 Mar 2016 04:04:33 -0800 (PST)
Content-Type: text/plain;
	charset=us-ascii
Mime-Version: 1.0 (1.0)
Subject: Re: Converting DAC or policy Rules into Capsicum capabilities
From: Mark Saad <nonesuch@longcount.org>
X-Mailer: iPhone Mail (13D15)
In-Reply-To: <CAOMeaBSV+rGLYsWaXm+jYOan5HHLskzbk3J9zfnTTmDacJEMYQ@mail.gmail.com>
Date: Thu, 10 Mar 2016 07:04:32 -0500
Cc: freebsd-hackers@freebsd.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <5F38D237-B15A-48B6-8766-622DA1B17B91@longcount.org>
References: <CAOMeaBSV+rGLYsWaXm+jYOan5HHLskzbk3J9zfnTTmDacJEMYQ@mail.gmail.com>
To: pavan teja <bharghav2947@gmail.com>
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Mar 2016 12:04:35 -0000

Pavan
 What is the use of kdbus ?  It's been abandoned,=20
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D806558;msg=3D5  could th=
e Mach ipc module from nextbsd be used ?


---
Mark Saad | nonesuch@longcount.org

> On Mar 10, 2016, at 3:50 AM, pavan teja <bharghav2947@gmail.com> wrote:
>=20
> Hello everyone,
>                   I'm right now working on Implementing KDBus project into=

> FreeBSD project .In the KDBus we have a set of policy rules by which we ca=
n
> control the bus connectivity by other processes . If viewing from the othe=
r
> side policy rules appeared to me similar to DAC the security mechanism use=
d
> in Linux . Can anyone suggest me a good way to convert these DAC rules int=
o
> capabilities .I want to replace these policy rules in KDBus in my design
> and replace them with some capabilities . *Example for some policy rules
> are:*
>=20
>  KDBUS_ITEM_NAME: str=3D'org.foo.bar'
>  KDBUS_ITEM_POLICY_ACCESS: type=3DUSER, access=3DOWN, id=3D1000
>  KDBUS_ITEM_POLICY_ACCESS: type=3DUSER, access=3DTALK, id=3D1001
>  KDBUS_ITEM_POLICY_ACCESS: type=3DWORLD, access=3DSEE
>=20
> Please help me out by stating an example as how i can convert policy
> rules as these into some form of capabilities given to each process
> .This would be very helpful for my design.
> _______________________________________________
> freebsd-hackers@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"=