D-Bus User Bus

Lennart Poettering mzqohf at 0pointer.de
Wed May 19 20:11:19 PDT 2010


On Wed, 19.05.10 22:37, Havoc Pennington (hp at pobox.com) wrote:

Heya,

> On Wed, May 19, 2010 at 10:28 PM, Lennart Poettering <mzqohf at 0pointer.de> wrote:
> > Claiming that there was a 1:1 relation ship between a display and a bus
> > is not right, because our session busses are *not* network
> > transparent right now. (And I'd claim rightly so)
> 
> This is a bug and always has been, though, according to the current
> design.

A practically unfixable bug then. Which still means that there is no 1:1
mapping between the bus and the display. We should accept that.

> Yes, running X apps as different users or on different machines from
> the main session is a Mess. See the bug about su I'm too lazy to dig
> up. Different machine and different user via su are pretty similar
> cases. The whole "how that should work" is so undefined and such a can
> of worms it's tough to use as an argument here, though, since the user
> bus just makes it even harder to sort out ;-) and to date nobody has
> written down what should work, what should not work, and how to write
> an app correctly such that it all does work...

Well, my line of arguing is that the are should only be
per-user/per-machine busses, and stuff loaded via su or ssh -X would get
their own buses then, end of story.

Due to privilege seperation you cannot allow other users access to
your bus.

And due to the inherently broken network transport logic you cannot
allow other machines access to your local bus.

Lennart

-- 
Lennart Poettering                        Red Hat, Inc.
lennart [at] poettering [dot] net
http://0pointer.net/lennart/           GnuPG 0x1A015CC4


More information about the dbus mailing list