D-Bus across networks?

Lawrence D'Oliveiro ldo at geek-central.gen.nz
Fri Nov 16 01:08:03 UTC 2018


On Thu, 15 Nov 2018 19:33:04 -0500, Felipe Gasper wrote:

> I know D-Bus *can* work over TCP to facilitate this kind of workflow,
> but I’ve not read much about D-Bus’s actually being widely used in
> that way.

Probably because it opens a whole new can of worms.

The use of D-Bus across networks was discussed on this list as recently
as July
<https://lists.freedesktop.org/archives/dbus/2018-July/017483.html>.
And predictably there were those taking a naïve “she’ll be right”
attitude.

The fundamental problem, as Bruce Schneier would put it, is that
security does not compose: you can take two systems which have
individually been demonstrated to be “secure”, try to connect them
together, and end up introducing new security holes, which may not be
obvious at all. So you have to ignore much of the testing done on
the components, and test the entire combination pretty much from scratch
to verify its security.

If you can be bothered to do that, then fine. My impression is that the
D-Bus developers can find more fruitful things to do with their time.


More information about the dbus mailing list