Passing sensitive data over D-Bus

Milan Bouchet-Valat nalimilan at club.fr
Wed Nov 11 03:13:51 PST 2009


Le mardi 10 novembre 2009 à 11:48 -0600, Stef Walter a écrit :
> It's somewhat complex, but being that we already link to crypto
> libraries, it is relatively easy for gnome-keyring to implement.
> 
> It wouldn't work between machines, due to MITM attacks. Essentially
> you'd need SSL and certificates when talking over a network.
> 
> The reason it works for us (on a single machine) is that we're not
> trying to protect against 'active' attacks like MITM [1].
Right. So that's not really of interest in my case, because network bus
would have been the only situation where we need it. And I don't think
we want to add another layer of complexity in two different languages to
encrypt our passwords - we've already enough problems to solve.

Thanks anyways for the idea.



More information about the dbus mailing list