DBus - Security Implications
George Staikos
staikos at kde.org
Mon Sep 19 02:18:32 BST 2005
On Sunday 18 September 2005 21:06, Dave Feustel wrote:
> On Sunday 18 September 2005 18:50, George Staikos wrote:
> > On Sunday 18 September 2005 08:50, Dave Feustel wrote:
> > > I've been wondering about this for a while.
> > > What are the security implications, if any, from using DBus?
> >
> > Are you inquiring in comparison to DCOP,
>
> Not of DCOP, but of signal/slot security vs DBus security in general..
> I am a KDE/Qt/QSA novice right now, so I interested in the comments
> of those with more KDE experience than I have.
Well of course DBus is less "secure" since signals and slots are internal to
the application whereas DBus goes over a communication line. However I think
this is mostly irrelevant for most or all applications. If a malicious user
has access to the DBus channel, that user will probably easily have access to
userspace with the right permissions to do much worse things too. I don't
think you have to worry about DBus security in this respect.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kde-core-devel
mailing list