sending authentication data over the bus
Thiago Macieira
thiago at kde.org
Thu Jul 29 11:44:03 PDT 2010
On Thursday 29. July 2010 12.36.13 Rodrigo Moya wrote:
> Hi
>
> I am working on an authentication service which, right now, is fired by
> apps requiring the authentication. This service retrieves the tokens for
> the user (OAuth tokens) and stores them in the GNOME keyring, and then
> signals the application making the call so that it can retrieve the
> tokens from the keyring.
>
> We were wondering if sending the tokens over the bus, to avoid having
> apps having to read the keyring, would be secure. So, is it? Can
> external apps (running as a different user on the same system) listen to
> the plain text communication over the bus?
Different users cannot connect to the session bus.
--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
Senior Product Manager - Nokia, Qt Development Frameworks
PGP/GPG: 0x6EF45358; fingerprint:
E067 918B B660 DBD1 105C 966C 33F5 F005 6EF4 5358
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freedesktop.org/archives/dbus/attachments/20100729/19f128c3/attachment-0001.pgp>
More information about the dbus
mailing list