On Fri, 2005-03-04 at 15:17 -0500, John (J5) Palmieri wrote: > It is similar to the risks of setuid >binaries. I would say D-BUS is a lot better than setuid binaries; you have to write a setuid binary very carefully because it can be influenced by the parent process (environment variables, filesystem namespace, etc). The D-BUS library does validation of the raw message formats, and I think it's much easier to validate arguments to a method than to do all the work involved in writing a setuid binary.
