Closed Aaron1011 closed 5 months ago
An invalid configuration might be an accidental typo. If we silently ignore the file, we would possibly introduce security problems due to not picking up important permission rules from the file, and thus lead to a vulnerable system.
Hence, dbus-broker refuses to start with invalid configuration.
What about a config option (disabled by default) which explicitly acknowledges the risks - something like insecure-ignore-invalid-config
?
I am sorry, but this is not a direction we want to take.
I am closing this, as this is an explicit policy decision of dbus-broker. If you prefer a change in policy, please open an issue and elaborate on how you envision this to work.
Thanks for the report!
I accidentally ended up with an empty file in an
includedir
directory (/usr/share/dbus-1/system.d
on Arch Linux). This resulted in dbus-broker-launch exiting with the following error:Unfortunately, this rendered my system almost unuseable until it was fixed - in particular, tools like
systemctl
need DBus to be running.It would be useful to have a config option to log an error and continue running when an invalid file in found in an
includedir
.