D-Bus daemon configuration file

Simon McVittie simon.mcvittie at collabora.co.uk
Mon Dec 2 11:51:10 PST 2013


On 02/12/13 18:50, Bogdan Lotko wrote:
> Of course I should mention I need it for LINUX :)

D-Bus over (non-localhost) TCP has no protection against eavesdropping,
and somewhat awkward authentication semantics. Use it at your own risk,
and only if you fully trust everyone on your LAN (similar to traditional
use of NFS and non-tunnelled X11); I do not recommend it, and do not
intend to treat any bugs in it as security vulnerabilities.

The configurations for which we do security releases are the standard
system and session buses in their typical Unix configuration (over
AF_UNIX, and preferably with EXTERNAL authentication using
credentials-passing).

    S



More information about the dbus mailing list