where is dbus 1.2 ?

Gavrie Philipson gavrie at gmail.com
Tue Feb 19 01:20:58 PST 2008

Havoc Pennington <hp at ...> writes:

> Not right now. What I mean by "thought through" is for example, I don't 
> know why you would want a bus daemon that allowed anonymous access. So 
> step one in thinking it through is to describe (on this list) some of 
> the use-cases. Then we could talk about how to add the feature (which 
> would presumably be pretty simple, just have the bus daemon call 
> set_allow_anonymous() if ANONYMOUS is one of the auth mechanisms, or 
> something).
> If the feature appears useful and we talk about how to add it, the 
> remaining step would be for a volunteer to write a patch (which should 
> be a very simple patch).
> For the system and session bus, I don't know why ANONYMOUS would be 
> useful - so I am guessing you are using the bus daemon for some other 
> custom purpose, with a custom config file?


A specific use case for ANONYMOUS access to the D-Bus daemon is when debugging a
remote or embedded system. For example, I am working on an embedded Linux system
that makes use of D-Bus as an IPC mechanism between several processes. The
standard D-Bus daemon is being used.

Since we'd like to use graphical tools such as D-Feet to interactively develop
and debug the D-Bus interfaces of the product, we're using a TCP connection from
the developer's workstation to the D-Bus daemon on the embedded system, with the
ANONYMOUS authentication mechanism. Of course this is with a custom, permissive
system.conf file that is used only for development systems.

To get this to work, I added this trivial patch to the D-Bus daemon:

diff -ruN dbus-1.1.4/dbus/dbus-server-socket.c
--- dbus-1.1.4/dbus/dbus-server-socket.c
+++ dbus-1.1.4-local/dbus/dbus-server-socket.c
@@ -123,6 +123,9 @@
       SERVER_UNLOCK (server);
       return FALSE;
+  /* Allow anonymous connections */
+  dbus_connection_set_allow_anonymous(connection, TRUE);

   /* See if someone wants to handle this new connection, self-referencing
    * for paranoia.

Would this be safe enough to leave in production code? According to the
description of the dbus_connection_set_allow_anonymous function in the code, it
applies only when ANONYMOUS is listed among the authentication mechanisms, which
is not the case on production systems.

-- Gavrie

More information about the dbus mailing list