Passing sensitive data over D-Bus

Lennart Poettering mzqohf at
Mon Nov 9 14:42:07 PST 2009

On Mon, 09.11.09 23:17, Roberto -MadBob- Guido (bob4mail at wrote:

> On Sat, 2009-11-07 at 18:22 +0100, Thiago Macieira wrote:
> > If you're on the system bus (not the user's session bus), then it
> > should be 
> > safe to pass sensitive data over method calls and method replies.
> > 
> This is due system bus is encrypted in some way (which one?) or due
> confidence on the fact processes need particular privileges to
> communicate over this bus?

That is simply due to the fact that on on Unix systems the user can always
(or actually must) trust the system services. 

User code may always trust other code that is run by the same user and
all system services. That means that as long as you exchange your
secrets only via local same-user-owned processes (such as a local session
dbus daemon owned by the same user) or system services (such as a
system dbus daemon) you should be safe.

Or the other way round: it is not a good idea to send secrets across
the network with dbus (since it does not encrypt anything), nor to
pass them on to other (non-system) users.


Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net           GnuPG 0x1A015CC4

More information about the dbus mailing list