Issues while using DBUS over TCP
Havoc Pennington
hp at pobox.com
Wed Aug 6 09:55:59 PDT 2008
Hi,
On Wed, Aug 6, 2008 at 11:19 AM, Schmottlach, Glenn
<GSchmott at harmanbecker.com> wrote:
> Too bad there isn't a configuration option within session.conf (or
> system.conf) that enables anonymous connections without requiring the
> modifications to the source code and rebuilding the daemon. It seeems
> that this would be a common enough request that inclusion in the main
> code-base would be worthwhile.
There is a past thread discussing this (I would guess that's where you
got the patch?).
The issue is that nobody has worked out whether it's secure to do this
and whether it will confuse/crash the bus daemon. Someone with an
understanding of the issues has to think about and write up whether it
is OK. "Seems to work" isn't sufficient. For example, sometimes the
bus daemon tries to get the user ID from a connection; does it handle
not getting one? And how are security policies applied to an anonymous
connection in the current code?
Anyway, if someone does the thinking and code review and writes down
why they feel confident this is secure / works, we could include it.
Until then, the wiki page is a good step forward, but I'd suggest
footnoting it that there may be issues with the patch and nobody
really knows.
Havoc
More information about the dbus
mailing list