Passing sensitive data over D-Bus

Lennart Poettering mzqohf at 0pointer.de
Mon Nov 9 14:42:07 PST 2009


On Mon, 09.11.09 23:17, Roberto -MadBob- Guido (bob4mail at gmail.com) wrote:

> 
> On Sat, 2009-11-07 at 18:22 +0100, Thiago Macieira wrote:
> > If you're on the system bus (not the user's session bus), then it
> > should be safe to pass sensitive data over method calls and method
> > replies.
> > 
> Is this due to the system bus being encrypted in some way (which one?),
> or due to confidence in the fact that processes need particular
> privileges to communicate over this bus?

That is simply due to the fact that on Unix systems the user can always
(or actually must) trust the system services.

User code may always trust other code that is run by the same user and
all system services. That means that as long as you exchange your
secrets only via local same-user-owned processes (such as a local session
dbus daemon owned by the same user) or system services (such as a
system dbus daemon) you should be safe.

Or the other way round: it is not a good idea to send secrets across
the network with dbus (since it does not encrypt anything), nor to
pass them on to other (non-system) users.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4
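
The rule in the message above (secrets only over a local bus run by the same user or by the system, never over the network) can be checked against a bus address before anything sensitive is sent. The following is an added example, not part of the original message or of the D-Bus code base. The function names are hypothetical, and it assumes the owner of the socket file is a usable proxy for who runs the bus daemon; addresses without a filesystem path (such as abstract sockets) are rejected because there is no file owner to check.

```python
import os
from urllib.parse import unquote

def parse_dbus_address(address):
    """Split a D-Bus address list into (transport, params) tuples."""
    entries = []
    for part in address.split(";"):          # ';' separates alternative addresses
        if not part:
            continue
        transport, _, rest = part.partition(":")
        params = {}
        for pair in rest.split(","):         # ',' separates key=value pairs
            if pair:
                key, _, value = pair.partition("=")
                params[key] = unquote(value)  # values use %XX escaping
        entries.append((transport, params))
    return entries

def _stat_owner(path):
    return os.stat(path).st_uid

def safe_for_secrets(address, my_uid=None, owner_of=_stat_owner):
    """True only if every alternative is a unix socket owned by root or my_uid."""
    if my_uid is None:
        my_uid = os.getuid()
    entries = parse_dbus_address(address)
    if not entries:
        return False
    for transport, params in entries:
        if transport != "unix":               # tcp, nonce-tcp, ...: cleartext on the wire
            return False
        path = params.get("path")
        if path is None:                      # e.g. abstract sockets: no file owner to check
            return False
        try:
            owner = owner_of(path)
        except OSError:
            return False
        if owner not in (0, my_uid):          # another (non-system) user's bus
            return False
    return True

# Constructed sample data: socket path -> owning uid, standing in for os.stat().
SAMPLE_OWNERS = {"/var/run/dbus/system_bus_socket": 0, "/tmp/dbus-alice": 1000}

if __name__ == "__main__":
    for addr in ("unix:path=/var/run/dbus/system_bus_socket",
                 "unix:path=/tmp/dbus-alice",
                 "tcp:host=192.0.2.10,port=55556"):
        print(addr, safe_for_secrets(addr, my_uid=1001, owner_of=SAMPLE_OWNERS.get))
```

An address list is treated as safe only when every alternative in it is safe, since a client may end up connecting to any of them.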

