Passing sensitive data over D-Bus

Thiago Macieira thiago at kde.org
Sat Nov 7 09:22:17 PST 2009


On Saturday 7 November 2009, at 15.03.54, Milan Bouchet-Valat wrote:
> Hi all!
> 
> In the system-tools-backends/gnome-system-tools, we have long been
> encrypting user passwords before sending them over the bus from the GUI
> to the privileged backends. But this raises several problems since we're
> forced to reimplement in the GUI a password-encryption mechanism that is
> not distribution-dependent, which can severely break things. So we'd
> like to send the clear-text password to the backends, letting the
> standard system tools or PAM itself do what should be done.
> 
> Is D-Bus considered secure for this kind of highly sensitive data, when
> sender and receiver are on the same host? If not, since SSL encryption
> is not supported AFAIK, that would leave us with opening a pipe to pass
> the secrets between the GUI and the backend. What do you think of this
> solution? Is there a general model for this kind of use case?

If you're on the system bus (not the user's session bus), then it should be 
safe to pass sensitive data over method calls and method replies. Signals are 
broadcast, so anyone could listen to them, though.

-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
  Senior Product Manager - Nokia, Qt Development Frameworks
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
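
The distinction drawn in the reply above (method calls and replies go to one peer, signals are broadcast) can be checked against a service's D-Bus introspection XML. This is an added example, not code from the thread or from either project; the interface `org.example.Users`, its members, and the name-matching heuristic are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed introspection XML for a hypothetical backend interface.
SAMPLE_XML = """<node>
  <interface name="org.example.Users">
    <method name="SetPassword">
      <arg name="user" type="s" direction="in"/>
      <arg name="password" type="s" direction="in"/>
    </method>
    <method name="GetRecoveryToken">
      <arg name="token" type="s" direction="out"/>
    </method>
    <signal name="PasswordChanged">
      <arg name="user" type="s"/>
      <arg name="new_password" type="s"/>
    </signal>
    <signal name="UserAdded">
      <arg name="user" type="s"/>
    </signal>
  </interface>
</node>"""

# Assumption: a name-based heuristic for arguments that carry secrets.
SENSITIVE = re.compile(r"passw|passphrase|secret|token|credential", re.I)

def audit(xml_text):
    """Split secret-looking args into (in_signals, in_methods).

    in_signals are broadcast; in_methods reach one peer only.
    """
    in_signals, in_methods = [], []
    for iface in ET.fromstring(xml_text).iter("interface"):
        for member in iface:
            if member.tag not in ("method", "signal"):
                continue
            for arg in member.findall("arg"):
                name = arg.get("name", "")
                if SENSITIVE.search(name):
                    label = f"{iface.get('name')}.{member.get('name')}({name})"
                    bucket = in_signals if member.tag == "signal" else in_methods
                    bucket.append(label)
    return in_signals, in_methods

if __name__ == "__main__":
    flagged, fine = audit(SAMPLE_XML)
    print("signals exposing secrets:", flagged)
    print("method args (unicast):", fine)
```

Anything in the first list should be moved into a method reply or dropped from the signal payload.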