Was tempted to say for this kind of thing "use DBusServer", but on the other hand we give one plenty of rope in the config file as is now.

Applied, thanks.

commit 07a4ad4b04702fc384b324e5f902a5b2279b0c25
Author: Dennis Kaarsemaker <dennis@kaarsemaker.net>
Date:   Wed Nov 12 08:51:00 2008 -0500

    Bug 15393 - support allow_anonymous config variable
    
    	* bus/bus.c: Set allow_anonymous if specified from
    	parser.
    	* bus/config-parser.c: Parse it.
    	* bus/config-parser-common.h: Declare it.
    
    Signed-off-by: Colin Walters <walters@verbum.org>

So from the mailing list discussion:
http://lists.freedesktop.org/archives/dbus/2008-November/010632.html

it sounds like this patch doesn't work as intended.  I don't have time at the moment to look into it myself; but I would like to reduce the differences between dbus-1.2 (where this patch is not applied) and master.  

So, does anyone mind if I revert this patch until we've worked through the issues?
Thanks.

Here's a ton of old discussion for future reference:

http://lists.freedesktop.org/archives/dbus/2007-November/009000.html
http://lists.freedesktop.org/archives/dbus/2007-November/009001.html
http://lists.freedesktop.org/archives/dbus/2008-August/010209.html
http://lists.freedesktop.org/archives/dbus/2008-August/010208.html
http://lists.freedesktop.org/archives/dbus/2008-July/010176.html
http://lists.freedesktop.org/archives/dbus/2008-August/010212.html

I still don't really see where someone has written down evidence they've thought through what happens security-wise with a patch like this.

Also, there's no unit tests. The ordeal around bus policies shows the potential consequences of that.

Created attachment 22457 [details] [review]
Allow anonymous users (dbus 1.2.12)

dbus-daemon allows anonymous users if <allow_anonymous/> is set in the configuration file

After patching the current release (dbus 1.2.12), I successfully connected a client to a remote dbus-daemon via tcp and retrieved the list of services on the bus with ListNames().

After removing <allow_anonymous/> from the daemon config file, the client is denied access as expected.

Quick note on this one; the original patch got applied to master, we need to revert that before evaluating this new one.

Also as Havoc said there's no unit tests.

(In reply to comment #4)
> Created an attachment (id=22457) [details]
> Allow anonymous users (dbus 1.2.12)
> 
> dbus-daemon allows anonymous users if <allow_anonymous/> is set in the
> configuration file
>

There is only "+" in this last patch and all are in lastest git, right ?

I have tested with lastet git.

Server on win32, ip 192.168.0.182 :

Part of the dbus-daemon configuration file:

<auth>ANONYMOUS</auth>
<allow_anonymous/>
<listen>tcp:host=192.168.0.182,port=12434</listen>

Client on linux, ip 192.168.0.32:

DBUS_SESSION_BUS_ADDRESS="tcp:host=192.168.0.182,port=12434" dbus-send --print-reply --dest="org.freedesktop.DBus" /org/freedesktop/DBus/Introspectable org.freedesktop.DBus.Introspectable.Introspect

So I can confirm that this patch is in git and works as expected.

Peter: how does your patch differ from Dennis' patch, and do we still need to apply it?

Dennis: is there anything else to be done here?

I don't think this is a high priority for the core D-Bus maintainers right now - anonymous auth is a rather niche use of D-Bus compared with the system/session bus on mainstream systems - but I'd accept patches.

  if (included->allow_anonymous)
    parser->allow_anonymous = TRUE;

Should be added to merge_included in config-parser.c to allow the flag to be set from an included configuration file.

close it giving that anonymous auth was already supported.