<div dir="ltr">Thanks, this is very helpful.<br><div class="gmail_extra"><br><div class="gmail_quote">2018-04-12 14:55 GMT+03:00 Simon McVittie <span dir="ltr"><<a href="mailto:smcv@collabora.com" target="_blank">smcv@collabora.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Wed, 11 Apr 2018 at 16:36:43 +0100, Simon McVittie wrote:<br>
> On Wed, 11 Apr 2018 at 17:44:58 +0300, Oleg Kuznecov wrote:<br>
> > I have a problem: after dbus upgrade from 1.10.6 to 1.12.6, dbus-monitor<br>
> > stopped monitoring method calls if try to monitor remote mashine via TCP/IP.<br>
> > Displays only signals.<br>
><br>
> Never use D-Bus remotely via TCP. It has no network-level security,<br>
> making it vulnerable to eavesdropping and unauthorized access.<br>
<br>
</span>One thing for which people sometimes (ab)use D-Bus over TCP is this<br>
scenario:<br>
<br>
* some service and some client run on an embedded device<br>
* debugging the client on the embedded device is inconvenient<br>
* a developer wants to run a local build of the client on their<br>
workstation and connect it to the service on their embedded device<br>
<br>
Using <listen> or --listen to make the dbus-daemon listen on TCP for this<br>
purpose should be considered dangerous.<br>
<br>
The correct way to do this is to set up a tunnel using ssh, socat or a<br>
similar relaying tool, which makes it explicit that the security (or lack<br>
of security) of this relaying is entirely the developer's responsibility.<br>
<br>
Since version 1.5.12, dbus has supported a unixexec: transport which is<br>
very convenient for this:<br>
<<a href="https://bugs.freedesktop.org/show_bug.cgi?id=35230" rel="noreferrer" target="_blank">https://bugs.freedesktop.org/<wbr>show_bug.cgi?id=35230</a>>. systemd provides a<br>
tool, systemd-stdio-bridge, designed to be used as a unixexec relay.<br>
For example, you can connect a client on the workstation to the dbus-daemon<br>
on the embedded device like this:<br>
<br>
dbus-monitor --address "unixexec:path=ssh,argv1=root%<wbr>40embedded-device,argv2=<wbr>systemd-stdio-bridge"<br>
<br>
or by passing that address to APIs like<br>
g_dbus_connection_new_for_<wbr>address() or dbus_connection_open_private()<wbr>. You<br>
can also make a client process connect to the embedded device's<br>
system bus whenever its own system bus is requested, by setting the<br>
DBUS_SYSTEM_BUS_ADDRESS environment variable.<br>
<br>
When connecting like this, the client will be acting with the privileges<br>
of whatever user ran the systemd-stdio-bridge process, for example root<br>
in my dbus-monitor example above (because I used root@embedded-device<br>
as the argument to ssh).<br>
<br>
Note that like all D-Bus addresses, special characters<br>
such as @ in the parameters of unixexec: addresses<br>
must be escaped in the same way you would for HTTP (%xx). For example,<br>
unixexec:path=ssh,argv1=root%<wbr>40embedded-device,argv2=<wbr>systemd-stdio-bridge<br>
runs the equivalent of the shell command-line<br>
'ssh root@embedded-device systemd-stdio-bridge'.<br>
<div class="HOEnZb"><div class="h5"><br>
smcv<br>
______________________________<wbr>_________________<br>
dbus mailing list<br>
<a href="mailto:dbus@lists.freedesktop.org">dbus@lists.freedesktop.org</a><br>
<a href="https://lists.freedesktop.org/mailman/listinfo/dbus" rel="noreferrer" target="_blank">https://lists.freedesktop.org/<wbr>mailman/listinfo/dbus</a><br>
</div></div></blockquote></div><br></div></div>