sending authentication data over the bus

Rodrigo Moya rodrigo at gnome-db.org
Thu Jul 29 08:36:13 PDT 2010


Hi

I am working on an authentication service which, right now, is fired by
apps requiring the authentication. This service retrieves the tokens for
the user (OAuth tokens) and stores them in the GNOME keyring, and then
signals the application making the call so that it can retrieve the
tokens from the keyring.

We were wondering if sending the tokens over the bus, to avoid having
apps having to read the keyring, would be secure. So, is it? Can
external apps (running as a different user on the same system) listen to
the plain text communication over the bus?

cheers



More information about the dbus mailing list