HyperWiki

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Last revision Both sides next revision
en:philosophy:dbus_failure [2022/06/14 17:51]
emulatorman 		en:philosophy:dbus_failure [2024/01/14 16:10]
throgh [What are the issues?]
Line 1: Line 1:
 ====== Failure of D-Bus ====== ====== Failure of D-Bus ======
  
-With [[https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/|hyperbolaBSD]], d-bus and related linux specific frameworks will **eventually be deprecated**, according to our [[en:manual:contrib:hyperbola_roadmap|Roadmap]].+With [[https://www.hyperbola.info/news/announcing-hyperbolabsd-roadmap/|HyperbolaBSD]], D-bus and related Linux specific frameworks will **eventually be deprecated**, according to our [[en:manual:contrib:hyperbola_roadmap|Roadmap]].
 With release of version 0.4, the **end of support for D-Bus** was marked [[https://www.hyperbola.info/news/milky-way-v04-release/|among other inovations]]. With release of version 0.4, the **end of support for D-Bus** was marked [[https://www.hyperbola.info/news/milky-way-v04-release/|among other inovations]].
  
 ===== Introduction ===== ===== Introduction =====
  
-**D-Bus** is [[https://dvdhrm.github.io/rethinking-the-dbus-message-bus/|over-engineered and orphaned]], ussually on critical systems which prioritize privacy, security and freedom like [[en:start|hyperbola]], it becomes **unecessary** and **avoidable**. In fact, pure C API is quite laborious and its use, requires writing large amounts of boilerplate code, to the point where its own [[https://dbus.freedesktop.org/doc/dbus/libdbus-tutorial.html|API documentation]] states: “If you use this low-level API directly, you're signing up for some pain.”+**D-Bus** is [[https://dvdhrm.github.io/rethinking-the-dbus-message-bus/|over-engineered and orphaned]], ussually on critical systems which prioritize privacy, security and freedom like [[en:start|Hyperbola]], it becomes **unecessary** and **avoidable**. In fact, pure C API is quite laborious and its use, requires writing large amounts of boilerplate code, to the point where its own [[https://dbus.freedesktop.org/doc/dbus/libdbus-tutorial.html|API documentation]] states: “If you use this low-level API directly, you're signing up for some pain.”
 Therefore the adopting of this kinds of frameworks is hard to **respect modular and lightweight** premisses and by consequence our [[en:project:social_contract|Social Contract]]. While atack surface is [[https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/net/unix/af_unix.c?id=27eac47b00789522ba00501b0838026e1ecb6f05|massively and exponentional increased]].  Therefore the adopting of this kinds of frameworks is hard to **respect modular and lightweight** premisses and by consequence our [[en:project:social_contract|Social Contract]]. While atack surface is [[https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/net/unix/af_unix.c?id=27eac47b00789522ba00501b0838026e1ecb6f05|massively and exponentional increased]]. 
  
Line 13: Line 13:
 There are many **nasty**, **absurd** open **bugs** and also known **vulnerabilities**, as well as **conceptual problems** in d-bus codebase. The bugs range from uncontrolled [[https://bugs.freedesktop.org/show_bug.cgi?id=80817|memory usage]], over silent [[https://bugs.freedesktop.org/show_bug.cgi?id=52372|dropping of messages]], to [[https://bugs.freedesktop.org/show_bug.cgi?id=28355|dead-locks by design]], unsolved for up to 7 years. Looking closer, most of them simply **cannot be solved without breaking** guarantees long given by [[https://dbus.freedesktop.org/doc/dbus-daemon.1.html|dbus-daemon(1)]], the reference implementation. There are many **nasty**, **absurd** open **bugs** and also known **vulnerabilities**, as well as **conceptual problems** in d-bus codebase. The bugs range from uncontrolled [[https://bugs.freedesktop.org/show_bug.cgi?id=80817|memory usage]], over silent [[https://bugs.freedesktop.org/show_bug.cgi?id=52372|dropping of messages]], to [[https://bugs.freedesktop.org/show_bug.cgi?id=28355|dead-locks by design]], unsolved for up to 7 years. Looking closer, most of them simply **cannot be solved without breaking** guarantees long given by [[https://dbus.freedesktop.org/doc/dbus-daemon.1.html|dbus-daemon(1)]], the reference implementation.
  
 +Besides that even the reference-implementation is also made obsolete by others done, like [[https://github.com/bus1/dbus-broker|dbus-broker]] **being only implemented for Linux**. This is another approval about the on-going removal of standards ([[https://github.com/bus1/dbus-broker/wiki|source]]).
 ===== Privacy problems ===== ===== Privacy problems =====
  
 Not to speak that **D-Bus leaks machine-id** across applications and userland which causes concerns on what regards to [[https://unix.stackexchange.com/questions/395331/is-machine-id-a-uuid|privacy, fingerprinting, and user control]]. Not to speak that **D-Bus leaks machine-id** across applications and userland which causes concerns on what regards to [[https://unix.stackexchange.com/questions/395331/is-machine-id-a-uuid|privacy, fingerprinting, and user control]].
  
 +Furthermore there are implementations based on **D-Bus** to record metrics events locally on the device ([[https://github.com/endlessm/eos-metrics|link to project]]).