docs/2_Architecture_Guides/2.2_Security_Blueprint/5_Platform/1.2.5.3_SystemBus.md

   1 ---
   2 title: SystemBus
   3 ---
   4
   5 # D-Bus
   6
   7 D-Bus is a well-known **IPC** (Inter-Process Communication) protocol (and
   8 daemon) that helps applications to talk to each other. The use of D-Bus is great
   9 because it allows to implement discovery and signaling.
  10
  11 The D-Bus session is by default addressed by environment variable
  12 `DBUS_SESSION_BUS_ADDRESS`. Using **systemd** variable
  13 `DBUS_SESSION_BUS_ADDRESS` is automatically set for user sessions. D-Bus usage
  14 is linked to permissions.
  15
  16 D-Bus has already had several [security
  17 issues](https://www.cvedetails.com/vulnerability-list/vendor_id-13442/D-bus-Project.html)
  18 (mostly **DoS** issues), to allow applications to keep talking to each other. It
  19 is important to protect against this type of attack to keep the system more
  20 stable.
  21
  22
  23 <!-- section-config -->
  24
  25 Domain          | Object         | Recommendations
  26 --------------- | -------------- | ------------------------------------
  27 Platform-DBus-1 | Security model | Use D-Bus as IPC.
  28 Platform-DBus-2 | Security model | Apply D-BUS security patches: [D-Bus CVE](https://www.cvedetails.com/vulnerability-list/vendor_id-13442/D-bus-Project.html)
  29
  30 <!-- end-section-config -->