Anonymous auth method is broken

Havoc Pennington havoc.pennington at
Sat Jan 31 12:08:23 PST 2009


Here is the bug:

There's lots of past discussion on this:

Nothing has really changed....

The fundamental thing to know is that ANONYMOUS with dbus-daemon has
never been intended to work; the anonymous mechanism was created for
people writing custom, non-dbus-daemon servers with the DBusServer

So ANONYMOUS with dbus-daemon is simply not implemented, not thought
through, and does not exist. It doesn't make any sense in the intended
uses of dbus-daemon (system and session bus), it's only useful for
people "abusing" dbus-daemon for random stuff, so I don't have much
understanding of how to evaluate this issue, and I don't expect the
current dbus maintainers will fix it themselves. It's something
someone who has a use for this is going to need to explain the
use-cases for and iterate the patch until it gets in.


More information about the dbus mailing list