dbus insecure over secure TCP?

Rémi Denis-Courmont remi at remlab.net
Fri Jul 13 17:52:21 UTC 2018


On Friday, 13 July 2018, 20.33.32 EEST L A Walsh wrote:
> fr:https://dbus.freedesktop.org/doc/dbus-specification.html#transports-tcp-sockets says:
> 
>     In particular, configuring the well-known system bus or the
>     well-known session bus to listen on a non-loopback TCP address is
>     insecure
> 
> 
> Why?  If the TCP-PATH between systems is secure, how is dbus insecure?

In general, D-Bus over a TCP path is insecure. The D-Bus daemon and clients 
are not in a position to determine whether the TCP path is secure or not. And 
there is also the problem that the credential passing authentication mechanism 
for local domain sockets is in fact more secure than that for TCP sockets.

As I understand it, this is a reminder that the TCP support was only intended 
as a substitute for local domain (Unix) sockets on Windows, not for general 
use over a network.

> Why is DBUS advertising that it is insecure when used over secure networks?

The specification says nothing of "secure networks" actually.

> In addition to dedicated lines, TCP connections over VPNs and ssh have been
> around for 30 years or more.

Running D-Bus over TCP forwarded over SSH does not make any sense. With SSH, 
you can forward D-Bus over a local domain socket - just like X11 forwarding.

-- 
Rémi Denis-Courmont
http://www.remlab.net/
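
Added example, not part of the original message and not D-Bus project code: a Python check that parses a D-Bus listen address list (the `transport:key=value,...;...` syntax of the specification quoted above) and flags `tcp` or `nonce-tcp` entries that are not bound to a loopback address. The function names and the sample address are constructed for illustration; accepting `localhost` as loopback and flagging entries that name no `host` or `bind` are assumptions of this example.

```python
import ipaddress
from urllib.parse import unquote

TCP_TRANSPORTS = {"tcp", "nonce-tcp"}

# Constructed sample: one Unix socket, one loopback TCP, two wide-open TCP.
SAMPLE = ("unix:path=/run/dbus/system_bus_socket;"
          "tcp:host=127.0.0.1,port=55556;"
          "tcp:host=192.0.2.10,bind=*,port=55557;"
          "nonce-tcp:host=localhost,bind=0.0.0.0,port=0")

def parse_address(addr):
    """Split an address list into (transport, {key: value}) entries."""
    entries = []
    for entry in addr.split(";"):
        if not entry:
            continue
        transport, _, rest = entry.partition(":")
        params = {}
        for pair in rest.split(","):
            if pair:
                key, _, value = pair.partition("=")
                params[key] = unquote(value)  # values may be %XX-escaped
        entries.append((transport, params))
    return entries

def is_loopback(host):
    """True only when the bind target is provably a loopback address."""
    if host == "localhost":  # assumption: resolves to loopback
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # "*", a DNS name, or unspecified: not provably loopback

def risky_listen_addresses(addr):
    """Return one finding per TCP entry that listens beyond loopback."""
    findings = []
    for transport, params in parse_address(addr):
        if transport not in TCP_TRANSPORTS:
            continue
        # Conservative choice of this example: no bind/host means "flag it".
        bound = params.get("bind", params.get("host", "(unspecified)"))
        if not is_loopback(bound):
            findings.append(f"{transport} listens on {bound}:{params.get('port', '0')}")
    return findings

if __name__ == "__main__":
    print("\n".join(risky_listen_addresses(SAMPLE)))
```

A loopback `host` does not help when `bind` widens the listening interface, which is why the check prefers `bind` when both are present.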
