[Merge] lp:~zhangew401/usensord/fix-lp-1433590 into lp:usensord
Tyler Hicks
tyhicks at canonical.com
Thu Jul 14 01:23:41 UTC 2016
No, you can't trust /proc/PID/cmdline, either.
You can ask dbus for the AppArmor profile that is confining the connecting process. All click apps are confined by AppArmor and, therefore, cannot change to other profiles or escape confinement. All processes that are unconfined can be treated as "trusted" processes since they're services that are shipped as part of the image we produce.
To ask dbus for a peer's AppArmor confinement context, call GetConnectionCredentials and then use the LinuxSecurityLabel in the returned dict. See this for more info:
https://dbus.freedesktop.org/doc/dbus-specification.html#bus-messages-get-connection-credentials
Then you'll need to use libapparmor's aa_splitcon() function to break the confinement context into a label and a mode. See the aa_splitcon(3) man page for details.
You can use the label to identify the dbus peer. It will be "unconfined" if it is a trusted process. I believe that will be the case for maliit-server. You can verify by running `ps auxZ | grep maliit-server` and looking at the first column to see its AppArmor confinement context.
--
https://code.launchpad.net/~zhangew401/usensord/fix-lp-1433590/+merge/299959
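
The check described in the message above, as an added example that is not part of the original email or of usensord's code: it takes the LinuxSecurityLabel from a GetConnectionCredentials reply, splits it the way aa_splitcon(3) does, and treats only "unconfined" peers as trusted. The reply is modelled as a plain map (an assumption; no D-Bus connection is made), splitCon is a Go stand-in for libapparmor's function, and the sample profile name is constructed.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"strings"
)

// splitCon mirrors what aa_splitcon(3) does for a context string:
// "unconfined" has no mode; anything else must look like "label (mode)".
func splitCon(con string) (label, mode string, err error) {
	con = strings.TrimSuffix(con, "\n")
	if con == "unconfined" {
		return con, "", nil
	}
	i := strings.LastIndex(con, " (")
	if i <= 0 || !strings.HasSuffix(con, ")") {
		return "", "", errors.New("malformed confinement context")
	}
	return con[:i], con[i+2 : len(con)-1], nil
}

// peerLabel extracts the AppArmor label from a GetConnectionCredentials
// reply, modelled here as map[string][]byte (assumption; a real binding
// returns variants). LinuxSecurityLabel is a byte array ending in NUL.
func peerLabel(creds map[string][]byte) (string, string, error) {
	raw, ok := creds["LinuxSecurityLabel"]
	if !ok {
		return "", "", errors.New("no LinuxSecurityLabel: cannot identify peer")
	}
	return splitCon(string(bytes.TrimRight(raw, "\x00")))
}

// isTrusted fails closed: only a peer whose label is exactly "unconfined"
// is treated as an image-shipped service.
func isTrusted(creds map[string][]byte) bool {
	label, _, err := peerLabel(creds)
	return err == nil && label == "unconfined"
}

func main() {
	// Constructed sample replies; the click profile name is made up.
	service := map[string][]byte{"LinuxSecurityLabel": []byte("unconfined\x00")}
	app := map[string][]byte{"LinuxSecurityLabel": []byte("com.example.app_app_1.0 (enforce)\x00")}
	for _, c := range []map[string][]byte{service, app, {}} {
		label, mode, err := peerLabel(c)
		fmt.Printf("label=%q mode=%q err=%v trusted=%v\n", label, mode, err, isTrusted(c))
	}
}
```

A reply with no LinuxSecurityLabel, or a label that does not parse, is rejected rather than treated as trusted.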