Havoc Pennington hp at redhat.com
Mon Sep 18 13:07:17 PDT 2006

Derek Ditch wrote:
> Hi, I'm new here, but just wanted to point out a possible problem with this 
> appraoch (which may already be obvious, if so, I apologize).  By setting the 
> uid to 1 and just assuming the console user, you break the use-case where 
> someone may want to run a terminal server with multiple sessions of a 
> particular app (say using KOffice when it is released w/ KDE4).  If everyone 
> on the system effectively has the same uid to dbus, then anyone will be able 
> to access the IPC of all the other users.

The uid of 1 should not escape outside a single dbus process, it would 
just be an internal token to indicate "authenticated as the same user as 
the current bus process" i.e. (1 == _dbus_getuid())

A bus using this hack would not allow anyone to connect except the owner 
of the bus process. i.e. it only works for the per-user-session bus.


More information about the dbus mailing list