General question on D-Bus design considerations

Lennart Poettering mzqohf at
Mon Aug 23 13:13:44 PDT 2010

On Mon, 23.08.10 22:06, Thiago Macieira (thiago at wrote:

> On Monday 23. August 2010 19.22.12 Lennart Poettering wrote:
> > Uh? That's not really true. There is proper nego implemented for the
> > unix fd stuff. Not sure what you are missing?
> I meant in the message format. You know how difficult this is: the dbus-daemon 
> must broker the capabilities. If a message is coming from a service containing 
> an extension, the daemon must check if the receiver can receive it before 
> sending.
> When the message is a signal, there may be a big number of receivers to be 
> tested. Some may receive the message, others won't.
> It would be better if the message format allowed unknown types, which the 
> library would just ignore or skip.

Yeah. Agreed. I guess this is related to the other thing I pointed out:
that the policy design in general requires message verification in a
secure middle party. That's true both for permission verification and
for message validity verification. Would have been cool if both of that
could have happened on the client side.


Lennart Poettering - Red Hat, Inc.

More information about the dbus mailing list