Passing sensitive data over D-Bus

Thiago Macieira thiago at
Sat Nov 7 09:22:17 PST 2009

Em Sábado 7. Novembro 2009, às 15.03.54, Milan Bouchet-Valat escreveu:
> Hi all!
> In the system-tools-backends/gnome-system-tools, we have long been
> encrypting user passwords before sending them over the bus from the GUI
> to the privileged backends. But this raises several problems since we're
> forced to reimplement in the GUI a password-encryption mechanism that is
> not distribution-dependent, which can severely break things. So we'd
> like to send the clear-text password to the backends, letting the
> standard system tools or PAM itself do what should be done.
> Is D-Bus considered secure for this kind of highly sensitive data, when
> sender and receiver are on the same host? If not, since SSL encryption
> is not supported AFAIK, that would leave us with opening a pipe to pass
> the secrets between the GUI and the backend. What do you think of this
> solution? Is there a general model for this kind of use case?

If you're on the system bus (not the user's session bus), then it should be 
safe to pass sensitive data over method calls and method replies. Signals are 
broadcast, so anyone could listen to them, though.

Thiago Macieira - thiago (AT) - thiago (AT)
  Senior Product Manager - Nokia, Qt Development Frameworks
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
Url : 

More information about the dbus mailing list