D-Bus optimizations

Thiago Macieira thiago at kde.org
Tue Feb 28 04:56:57 PST 2012


On Tuesday, 28 February 2012 06.28.44, David Zeuthen wrote:
> Hi,
> 
> On Tue, Feb 28, 2012 at 5:34 AM, Rodrigo Moya <rodrigo at gnome-db.org> wrote:
> > yes, there are a lot of other improvements that could be done, message
> > validation being one of them. Note though that with multicast, we remove
> > one of the validations, as the daemon doesn't do anything on most of the
> > messages sent to the bus.
> 
> Many applications rely on the message bus (or whatever is routing the
> message for delivery to the application) validating the D-Bus message,
> in particular validating that strings are proper UTF-8, ensuring that
> the message is bounded (max size is 127MiB) and so on. I think that
> removing this guarantee is a very bad idea.

The applications rely on the message being validated when it arrives. That 
does not imply the bus daemon needs to validate it. As long as the message 
arrives in a datagram, the library on the client side can validate it before 
passing to the application code.

This applies to malformed messages, but does not apply to well-formed but 
spoofed messages. The checking of the credentials needs to be done by a 
trusted source.

The drawback of validation on the client is that we are unable to deploy a 
system-wide bugfix. Having different implementations of the validation could 
mean that applications are vulnerable to certain attacks and the correction 
doesn't apply to all. It wouldn't be the first time we have that problem (think 
SSL implementations, of which we have 3 on Linux), but it's a drawback 
nonetheless.

-- 
Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org
   Software Architect - Intel Open Source Technology Center
      PGP/GPG: 0x6EF45358; fingerprint:
      E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358
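
The client-side check described in the message above, as an added example that is not part of the original e-mail or of any D-Bus library: before a datagram reaches application code, confirm it is exactly one bounded message frame and that a string payload is strict UTF-8. The function names and the sample frame are constructed for illustration; the limits are the D-Bus specification's 2^27-byte message and 2^26-byte array maximums, and header-field contents and sender credentials are not checked here.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_MESSAGE (1u << 27) /* spec limit: header + padding + body */
#define MAX_ARRAY   (1u << 26) /* spec limit for arrays, incl. header fields */

/* Constructed sample (framing only): little-endian, serial 1, no header fields, 4-byte body. */
const uint8_t sample_frame[20] = { 'l', 4, 0, 1, 4,0,0,0, 1,0,0,0, 0,0,0,0, 'a','b','c',0 };

/* Read a uint32 in the byte order named by the message's first byte. */
static uint32_t rd32(const uint8_t *p, int le)
{
    return le ? p[0] | p[1] << 8 | p[2] << 16 | (uint32_t)p[3] << 24
              : p[3] | p[2] << 8 | p[1] << 16 | (uint32_t)p[0] << 24;
}

/* Return 1 if the datagram d[0..n) is exactly one bounded D-Bus message frame. */
int frame_ok(const uint8_t *d, size_t n)
{
    if (n < 16 || (d[0] != 'l' && d[0] != 'B')) return 0; /* fixed header, endian flag */
    if (d[1] == 0 || d[3] != 1) return 0;                 /* INVALID type, protocol version */
    int le = d[0] == 'l';
    uint32_t body = rd32(d + 4, le), serial = rd32(d + 8, le), fields = rd32(d + 12, le);
    if (serial == 0 || fields > MAX_ARRAY) return 0;
    uint64_t total = ((16ull + fields + 7) & ~7ull) + body; /* header padded to 8 bytes */
    return total <= MAX_MESSAGE && total == n;
}

/* Strict UTF-8 for a STRING payload: no NUL, overlong form, surrogate, or > U+10FFFF. */
int utf8_ok(const uint8_t *s, size_t n)
{
    for (size_t i = 0; i < n; ) {
        uint8_t b = s[i];
        uint32_t cp, min; size_t extra;
        if (b < 0x80) { if (b == 0) return 0; i++; continue; }
        if ((b & 0xE0) == 0xC0)      { cp = b & 0x1F; extra = 1; min = 0x80; }
        else if ((b & 0xF0) == 0xE0) { cp = b & 0x0F; extra = 2; min = 0x800; }
        else if ((b & 0xF8) == 0xF0) { cp = b & 0x07; extra = 3; min = 0x10000; }
        else return 0;                         /* stray continuation or invalid lead byte */
        if (n - i <= extra) return 0;          /* truncated sequence */
        for (size_t k = 1; k <= extra; k++) {
            if ((s[i + k] & 0xC0) != 0x80) return 0;
            cp = cp << 6 | (s[i + k] & 0x3F);
        }
        if (cp < min || cp > 0x10FFFF || (cp >= 0xD800 && cp <= 0xDFFF)) return 0;
        i += extra + 1;
    }
    return 1;
}
```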