Anonymous auth method is broken

Schmottlach, Glenn glenn.schmottlach at harman.com
Sun Feb 1 13:17:04 PST 2009


> I already did this in the old threads you were involved in. As I said
> then and now, it is not intended to work with dbus-daemon. It should
> work with libdbus, but dbus-daemon does not use this libdbus feature.

I guess the distinction (between libdbus and dbus-daemon) was not clear to me at the time. So, basically, the underlying library supports it but the particular reference implementation found in dbus-daemon does not. Perhaps this ought to be mentioned in a FAQ due to the continuous confusion around this issue. For right or wrong, people are trying to create TCP/IP connections to the daemon from outside the host. The documentation leads you to believe it's possible (I guess it is, from the library perspective) but the reference implementation of the daemon does not allow it.

> I consider it an open question whether it *should* work with
> dbus-daemon. I don't really know what people are trying to do

I think I've mentioned before why I'm trying to do this. Although DBus was intended to be a desktop IPC/application bus, it's usefulness has exceeded its original design intent (you should be congratulated on this ;-) In my situation, I'd like to use it in an embedded system where a TCP/IP connection to the daemon allows me to exercise/test my target system from a host using the Python binding. It's great to develop unit tests from you host and connect to the target remotely using DBus. I'm sure you can understand how useful that would be. Now, this remote connection is typically disabled when the product is shipped since it's only intended for debug purposes. No one except "trusted" users (me) will be able to connect in this fashion.

So, it boils down to the fact that I'm inherently lazy. I have a reference dbus-daemon implementation that does 99.9% of what I want it to do. The 0.1% that is missing is being able to TCP/IP into the daemon. I'd rather not write a completely new daemon to implement this functionality. It's unfortunate that this feature could not be added but disabled by default (via the configuration file) to eliminate the obvious security hole. I'm sure I wouldn't be the only embedded developer who would appreciate this feature on the reference implementation.

Just a thought . . .


More information about the dbus mailing list