Unexpected gdbus behaviour during PAM authentication

David Llewellyn-Jones david at flypig.co.uk
Mon Jan 16 23:25:50 UTC 2017


On 16/01/17 11:35, Simon McVittie wrote:
> On Fri, 13 Jan 2017 at 16:47:21 +0100, Bastien Nocera wrote:
>> GDBus's threads and PAM really don't mix. You'll need to either use
>> something like dbus-glib, which is single-threaded and sync, move your
>> D-Bus code to a small helper you'd talk to over Unix sockets (yeah, I
>> know...), or wait until PAM dies.
> 
> Please don't use dbus-glib, particularly for security-sensitive code.
> It is unmaintained (I am its unmaintainer) and has several bits of
> irretrievably bad design.

The advice is appreciated, but could you elaborate on the
"security-sensitive" part? Apart from being unmaintained, do you know of
any specific vulnerabilities or potential dangers?

> Single-threaded alternatives to dbus-glib include:
> 
> - dbus' libdbus used directly (it's a verbose low-level API, but still
>   less bad than dbus-glib's inconvenience layer over it)
> 
> - systemd's sd-bus (Linux-specific)

Looking at Matthew Johnson's tutorial [1] and given I only need to call
a single method synchronously, libdbus looks manageable.

However, I'm a bit concerned about conflicting advice. So far, it seems
dbus-glib, gdbus and libdbus all come with health warnings. In
particular, I'm not convinced I'll be able to do a better job from
repurposing an unmaintained tutorial, compared to using an unmaintained
dbus-glib (which compared to my code, at least has the benefit of having
been written by someone who knew what they were doing!).

David

[1] http://www.matthew.ath.cx/misc/dbus
-- 
Website: http://www.flypig.co.uk
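
The "small helper you'd talk to over Unix sockets" option quoted at the top of this message, shown as an added example (it is not part of the e-mail or of any D-Bus project's code): the single-threaded caller forks a helper, sends one request over a socketpair, and treats every outcome other than a timely "OK" as a denial. The helper's D-Bus call is replaced by a constructed check; `ask_helper`, `helper_main` and the request strings are hypothetical names, and Linux is assumed.

```c
#define _POSIX_C_SOURCE 200809L
#include <poll.h>
#include <signal.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper body. In a real design this process would own all
 * D-Bus (and thread) state; here it answers "OK" only for the constructed
 * request "check alice" and can simulate a hang via delay_s. */
static void helper_main(int fd, unsigned delay_s) {
    char req[64] = {0};
    ssize_t n = read(fd, req, sizeof req - 1);
    if (delay_s) sleep(delay_s);
    const char *rep = (n > 0 && strcmp(req, "check alice") == 0) ? "OK" : "NO";
    if (write(fd, rep, 2) != 2) _exit(1);
    _exit(0);
}

/* Returns 1 only when the helper answers "OK" within timeout_ms. Timeout,
 * short read, helper crash and any setup error all fail closed (0). */
int ask_helper(const char *request, int timeout_ms, unsigned helper_delay_s) {
    int sv[2], allowed = 0;
    size_t len = strlen(request);
    /* SOCK_SEQPACKET keeps message boundaries, so one read is one request. */
    if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) != 0) return 0;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return 0; }
    if (pid == 0) { close(sv[0]); helper_main(sv[1], helper_delay_s); }
    close(sv[1]);
    char rep[3] = {0};
    struct pollfd p = { .fd = sv[0], .events = POLLIN };
    /* MSG_NOSIGNAL: a dead helper must not deliver SIGPIPE to the caller. */
    if (send(sv[0], request, len, MSG_NOSIGNAL) == (ssize_t)len &&
        poll(&p, 1, timeout_ms) == 1 && (p.revents & POLLIN) &&
        read(sv[0], rep, 2) == 2 && strcmp(rep, "OK") == 0)
        allowed = 1;
    close(sv[0]);
    if (!allowed) kill(pid, SIGKILL);   /* do not leave a stuck helper behind */
    waitpid(pid, NULL, 0);              /* reap the helper, no zombie */
    return allowed;
}
```
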

