From b5c680570e49aabe4da28d9cd2ab4ac8d4288c6a Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Thu, 31 May 2018 17:20:11 +0100
Subject: [PATCH 27/39] containers: Containers with an Allow policy cannot see
 most unique names

We unconditionally allow connections in the same container to see each
other, and as a trivial case, allow a connection to see itself.

Signed-off-by: Simon McVittie <smcv@collabora.com>
---
 bus/containers.c | 35 +++++++++++++++++++++++++++++++++++
 1 file changed, 35 insertions(+)

diff --git a/bus/containers.c b/bus/containers.c
index b731fa37..ea2a117b 100644
--- a/bus/containers.c
+++ b/bus/containers.c
@@ -1682,9 +1682,44 @@ dbus_bool_t
 bus_containers_check_can_see_connection (DBusConnection *observer,
                                          DBusConnection *subject)
 {
+#ifdef DBUS_ENABLE_CONTAINERS
+  BusContainerInstance *instance;
+#endif
+
   _dbus_assert (observer != NULL);
   _dbus_assert (subject != NULL);
 
+#ifdef DBUS_ENABLE_CONTAINERS
+  instance = connection_get_instance (observer);
+
+  if (instance == NULL)
+    return TRUE;
+
+  if (instance->has_policy)
+    {
+      BusContainerInstance *subject_instance;
+
+      /* Trivial case: if the same connection owns it, it's
+       * obviously visible */
+      if (subject == observer)
+        return TRUE;
+
+      subject_instance = connection_get_instance (subject);
+
+      /* If it's the unique name of another connection in the same
+       * container instance then it's visible */
+      if (subject_instance == instance)
+        return TRUE;
+
+      /* TODO: Allow containers to see unique names that have
+       * previously contacted them */
+
+      /* TODO: Have a policy by which containers can optionally see
+       * other unique names */
+      return FALSE;
+    }
+#endif /* DBUS_ENABLE_CONTAINERS */
+
   return TRUE;
 }
 
-- 
2.17.0