I have an SSH transport. If I am using SASL, and if I am connecting from a machine where the local user UID differs from the authenticated user on the remote machine, the DBus connection will not be allowed. We must pretend that our UID is that of the remote user. I do not see this as security issue, the user is already authenticated by SSH, and the broker is validating that the connection is coming from the remote user.
The use of UnixSystem breaks when attempting to compile to native code with GraalVM (actually, it fails to link). I believe this is a bug in Graal, but nevertheless UnixSystem is not part of the official API and is platform dependent. This is the sole reason for depending on the jdk.security.auth module.
.. instead of being detected.
There are a couple of reasons for this PR.
I have an SSH transport. If I am using SASL, and if I am connecting from a machine where the local user UID differs from the authenticated user on the remote machine, the DBus connection will not be allowed. We must pretend that our UID is that of the remote user. I do not see this as security issue, the user is already authenticated by SSH, and the broker is validating that the connection is coming from the remote user.
The use of
UnixSystem
breaks when attempting to compile to native code with GraalVM (actually, it fails to link). I believe this is a bug in Graal, but neverthelessUnixSystem
is not part of the official API and is platform dependent. This is the sole reason for depending on thejdk.security.auth
module.Usage :-
builder.transportConfig().withSaslUid(1000);