Detachable libpurple - RPC system

gillux gillou.ray at free.fr
Tue Jun 8 22:40:23 EDT 2010


On Tue, 8 Jun 2010 20:44:42 -0500
Jorge Villaseñor <salinasv at gmail.com> wrote:

> On Sun, Jun 6, 2010 at 12:06 AM,  <gillou.ray at free.fr> wrote:
> 
> > I red some docs and tutorial about DBus. It seems to be a good
> > choice as it provide # 1, 2, 3, 4 and 5. It's well designed and
> > provides a good abstraction. However, DBus isn't designed for
> > TCP/IP remote connections, though this transport is implemented.
> > DBus authentication is based on socket uid or magic cookies [1],
> > this only makes sense in the scope of a single machine. Currently
> > we would have to avoid authentication, or to implement another
> > authentication method in DBus and get it accepted by the DBus
> > developpers. The same goes for the encryption that relies to DBus
> > and isn't implemented [2]. So # 6 and 7 would remain unachieved.
> 
> I do think DBus is the way to go (take a look at eggdbus) TCP/IP
> would not be an issue since you can always ssh your box and then
> attach finch It also solves authentications since DBus can handle
> user sessions.

Thanks for your reply. IMO, this is much like a workaround than a
solution. DBus leads to having the default setup with clear and
anonymous connections, and then the user could do tunnelling if he
wants to. In a practical point of view having something as the
"default" means that it will be used by the majority of the users.
Depending on how much the developpers care about security, this may be
a problem or not. For me it is, definitely. And for you (others) ?

		-- Gilles
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://pidgin.im/pipermail/devel/attachments/20100609/0386db81/attachment.sig>


More information about the Devel mailing list