
This is the first time I hear that anyone hates D-Bus. I always saw it as a global API Bus that Apps can register to and which enables some sort of interoperability and automation. After all it can even be used from Bash. What is bad about this?

The security aspect seems also a bit funny to me. After all the average Desktop has most data in the home directory, so every application can read everything. That's not the fault of D-Bus.

Also I'm puzzled that Polkit hasn't been mentioned even once.





The architecture is fundamentally broken when you are using multiple window managers / desktop environments: https://github.com/dunst-project/dunst/issues/363

> The security aspect seems also a bit funny to me. After all the average Desktop has most data in the home directory, so every application can read everything.

The world is moving towards sandboxed applications (through flatpak and friends) more and more. As per the OP, this is one of the things holding sandboxing back.


There have been sandbox escapes daily for decades. It doesn't work.

> There has been lock picking daily for centuries. It doesn't work

It takes time to pick one lock and twice as much to pick two.

It takes the same time to escape 1 or 10000000 sandboxes.


That's only somewhat true if we are talking about the same sandbox nested (which would be quite dumb to do).

Escaping two different sandboxes is multiple times as hard, and a sane sandbox is not trivially picked; see web browsers and the fact that the world is not one giant botnet.


How many implementations of Linux namespaces are there in the kernel? Is it more than one?

Is a wasm sandbox, or the browser not a sandbox, independent of the kernel?

Has one of them ever gone more than a month without a CVE?

Check varlink, an alternative to D-Bus defined in the systemd world.

https://media.ccc.de/v/all-systems-go-2024-276-varlink-now-


Varlink was created independently of systemd. systemd just adopted it. It just wasn't that well known before that adoption.

Nah, fuck that one in particular. DBus was too type-unsafe? Why not use JSON then, right? Right?!

The reason you don't hear much about it is because it's not an often discussed topic. Nonetheless the hate is there.

D-Bus is a godawful mess. Imagine the Windows registry, except it can only be inspected at runtime, contains executable binaries and is exceptionally fragile.


> The security aspect seems also a bit funny to me. After all the average Desktop has most data in the home directory, so every application can read everything. That's not the fault of D-Bus.

Those secret stores (gnome-keyring/kwallet) store the secrets encrypted on disk, so every application can read the encrypted secrets but only the secret store has the encryption key to decrypt them. This is held in memory, not on disk.



