--On Friday, August 08, 2008 01:47:51 PM -0700 Artem Kachitchkine <Artem.Kachitchkin at Sun.COM> wrote:
> Don't forget about method calls. DBus has pluggable authentication, but > what's available now might not be sufficient. Also remember that in > addition to session and system bus mode (over unix sockets), it also > supports network mode (inet sockets) - which is not widely used, but > something to consider wrt virtual environments. > > If you let your imagination go, DBus can be used for all kinds of > information. If DBus sounds too foreign to you, think of sysevents and > doors. They are as generic and subject to similar risks to DBus. This is actually the key point. DBus is not a repository of information; it is a fairly general IPC mechanism. If two processes in different zones have access to the same DBus bus, then there is a communication channel between them, and the DBus daemon will almost certainly have to be made zone-aware and able to restrict what kind of communication is permitted between zones. -- Jeff