Issues while using DBUS over TCP

Wed Aug 6 10:34:14 PDT 2008

> There is a past thread discussing this (I would guess that's where you
> got the patch?).

Correct . . . I got the patch from a previous post . . . although there
looks like there are at least two such versions of this "patch" (each in
different files). I picked the one that *appeared* most reasonable.

> The issue is that nobody has worked out whether it's secure to do this
> and whether it will confuse/crash the bus daemon. Someone with an
> understanding of the issues has to think about and write up whether it
> is OK. "Seems to work" isn't sufficient.

Understood and agreed . . . "seems to work" is not sufficient criteria
for inclusion into the main code-base. Unfortunately, I am new to DBUS
and after trolling through the mailing list, this is all that I could
come up with. Without these discussions and suggestions, developers new
to DBUS have no idea what approaches have been tried. Actually, I am
quite surprised DBUS over TCP has received such little attention and
support. It seems like this might've been a feature that would've been
added years ago - especially for people using Linux in an embedded
environment. Having a remote embedded bus-based architecture (without
the complexity/bloat of CORBA) available via client-side scripting is a
great infrastructure on which to build an embedded system.

> Anyway, if someone does the thinking and code review and writes down
> why they feel confident this is secure / works, we could include it.

Who added the original TCP support? It seems like the support is
*almost* there. Perhaps I am missing something. I don't necessary
need/want completely ANONYMOUS authentication support. For my
application, passing a magic cookie (or other authentication
credentials) that identifies the user over TCP on the target would be
adequate. Is there way to currently do this WITHOUT requiring shared
directories etc...? Does it work with the Python client bindings? What
is the use-case of the current TCP support? It appears almost useless
without enabling ANONYMOUS access and authentication at the daemon. This
leads me to believe I may be misunderstanding how this feature should be
used. 

*******************************************
Diese E-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtuemlich erhalten haben, informieren Sie bitte sofort den Absender und loeschen Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet.

This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and delete this e-mail. Any unauthorized copying, disclosure or distribution of the contents in this e-mail is strictly forbidden.
*******************************************