D-Bus User Bus

Lennart Poettering mzqohf at 0pointer.de
Mon May 24 14:39:40 PDT 2010 

On Wed, 19.05.10 23:31, Havoc Pennington (hp at pobox.com) wrote:

Heya,

> OK, if this is about ssh I think you'd have to step back and document
> the expected behavior, and su also, before it even makes sense to
> discuss how to implement it.
> 
> here is that bug:
> https://bugs.freedesktop.org/show_bug.cgi?id=17970
> a comment from me:
> https://bugs.freedesktop.org/show_bug.cgi?id=17970#c26
> 
> I don't understand why forwarding DBUS_SESSION_BUS_ADDRESS is any more
> or less OK than forwarding DISPLAY, fwiw. Though, it isn't clear to me
> that forwarding either one is what's wanted.

Well, $DISPLAY is an address of a display server. On the other hand
$DBUS_SESSION_BUS_ADDRESS is an address of way more than just UI, it is
access to about everything a user owns that could ever be accessed (just
short of access to $HOME directly). Giving a user access to your display
is a lot less problematic then giving him access to all your services,
I'd say, so there are certainly differences. (well, i know that X11 does
not really do per-window access control, but that's not the point here)

And there are more differences. The X11 proto in no way implies that the
all users of a $DISPLAY share the same $HOME. However, on D-Bus that is
different. While the raw protocol itself doesn't imply that either, many
services do, starting from the obvious cases such as tracker, which pass
around file paths all the time and assume they are accessible on both
sides of the bus. But that doesn't end there. A lot of other services do
that too, and I'd argue rightly so, simply because it is just faster
then piping everything through the bus.

> The genesis of dbus, oversimplified, was something like: Bonobo and
> gconf and stuff don't work, X does, why? "Copy X!"

Yes, I guessed that. It's not much different from the original PA model,
but we actually changed that in PA a while back, so that the instances
are shared between the sessions/displays as that made more sense to us.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4

More information about the dbus mailing list