D-Bus across networks?
Felipe Gasper
felipe at felipegasper.com
Fri Nov 16 02:02:36 UTC 2018
> On Nov 15, 2018, at 8:08 PM, Lawrence D'Oliveiro <ldo at geek-central.gen.nz> wrote:
>
> On Thu, 15 Nov 2018 19:33:04 -0500, Felipe Gasper wrote:
>
>> I know D-Bus *can* work over TCP to facilitate this kind of workflow,
>> but I’ve not read much about D-Bus’s actually being widely used in
>> that way.
>
> Probably because it opens a whole new can of worms.
>
> The use of D-Bus across networks was discussed on this list as recently
> as July
> <https://lists.freedesktop.org/archives/dbus/2018-July/017483.html>.
> And predictably there were those taking a naïve “she’ll be right”
> attitude.
Cool--thanks for this!
> The fundamental problem, as Bruce Schneier would put it, is that
> security does not compose: you can take two systems which have
> individually been demonstrated to be “secure”, try to connect them
> together, and end up introducing new security holes, which may not be
> obvious at all. So you have to ignore much of the testing done on
> the components, and test the entire combination pretty much from scratch
> to verify its security.
It would seem WAMP, at least, operates under the same set of concerns, so to deploy D-Bus in such a context would seem at least “no worse”. I would think deployment of any kind of network-wide, intra-node messaging solution would face similar concerns.
Anyhow, thanks.
-FG
More information about the dbus
mailing list