Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • D dbus
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 262
    • Issues 262
    • List
    • Boards
    • Service Desk
    • Milestones
  • Custom issue tracker
    • Custom issue tracker
  • Merge requests 34
    • Merge requests 34
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • dbusdbus
  • dbus
  • Issues
  • #289
Closed
Open
Issue created Jan 18, 2020 by dbuser@dbuser

/var/lib/dbus/machine-id and privacy

In December 2019 I saw an article mentioning that Devuan has made so that a new /var/lib/dbus/machine-id is generated for each boot for improving privacy, considering that the file can be read by anyone and there is no restriction to that:

https://devuan.org/os/debian-fork/ascii-point-release-announce-112119

I started a discussion about the issue on openSUSE's bugzilla (the distro I use) where I shared my thoughts of the potential implications of machine-id being accessible by everyone (as it is now) and a suggestion that additionally to what Devuan has done machine-id should also be with limited access, allowing only "whitelisted" programs.

The advise of the dbus experts on openSUSE's bugzilla is that this discussion rather belongs upstream (here) where the possible changes should be made, so I am opening it for consideration.

Assignee
Assign to
Time tracking