sending authentication data over the bus

Miller, Douglas K. CONT NAVAIR 2109, 1, N139 douglas.k.miller at navy.mil
Thu Jul 29 11:56:16 PDT 2010


Great! Will it be open sourced? 

-----Original Message-----
From: dbus-bounces+douglas.k.miller=navy.mil at lists.freedesktop.org
[mailto:dbus-bounces+douglas.k.miller=navy.mil at lists.freedesktop.org] On
Behalf Of Thiago Macieira
Sent: Thursday, July 29, 2010 2:44 PM
To: dbus at lists.freedesktop.org
Subject: Re: sending authentication data over the bus

On Thursday 29. July 2010 12.36.13 Rodrigo Moya wrote:
> Hi
> 
> I am working on an authentication service which, right now, is fired 
> by apps requiring the authentication. This service retrieves the 
> tokens for the user (OAuth tokens) and stores them in the GNOME 
> keyring, and then signals the application making the call so that it 
> can retrieve the tokens from the keyring.
> 
> We were wondering if sending the tokens over the bus, to avoid having 
> apps having to read the keyring, would be secure. So, is it? Can 
> external apps (running as a different user on the same system) listen 
> to the plain text communication over the bus?

Different users cannot connect to the session bus.

--
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
  Senior Product Manager - Nokia, Qt Development Frameworks
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358


More information about the dbus mailing list