📝 zb: Add security documentation and warnings to system methods

complexspaces · complexspaces · commit 3ccb54c11f10 · 2025-03-31T09:41:39.000+09:00
Closes dbus2#1275 by adding basic and sufficient, but attention-grabbing, documentation to all `system*` methods in the crate which either are or utilize the result of zbus::Address::system to describe their security properties. I took the approach to centralize the details/important parts on zbus::Address::system and then use interdoc links to redirect all of the other "affected" callsites there to reduce duplication.
diff --git a/zbus/src/address/mod.rs b/zbus/src/address/mod.rs
@@ -87,6 +87,17 @@ impl Address {
     /// Get the address for the system bus respecting the `DBUS_SYSTEM_BUS_ADDRESS` environment
     /// variable. If we don't recognize the value (or it's not set) we fall back to
     /// `/var/run/dbus/system_bus_socket`.
+    ///
+    /// # Security
+    ///
+    /// <div class="warning">
+    ///
+    /// `zbus` does not perform any security checks or trust validation on the address (path)
+    /// returned by this method.
+    ///
+    /// Users in security-sensitive contexts (ex: authentication) are responsible for validating
+    /// if the address is truly controlled by the system and trustworthy for the intended purpose.
+    /// </div>
     pub fn system() -> Result<Self> {
         match env::var("DBUS_SYSTEM_BUS_ADDRESS") {
             Ok(val) => Self::from_str(&val),
diff --git a/zbus/src/blocking/connection/builder.rs b/zbus/src/blocking/connection/builder.rs
@@ -30,6 +30,14 @@ impl<'a> Builder<'a> {
     }
 
     /// Create a builder for the system-wide message bus connection.
+    ///
+    /// # Security
+    ///
+    /// <div class="warning">
+    ///
+    /// `zbus` does not validate the address used by this builder's connection.
+    /// See [zbus::Address::system] for more details.
+    /// </div>
     pub fn system() -> Result<Self> {
         crate::connection::Builder::system().map(Self)
     }
diff --git a/zbus/src/blocking/connection/mod.rs b/zbus/src/blocking/connection/mod.rs
@@ -33,6 +33,14 @@ impl Connection {
     }
 
     /// Create a `Connection` to the system-wide message bus.
+    ///
+    /// # Security
+    ///
+    /// <div class="warning">
+    ///
+    /// `zbus` does not validate the address used by this connection.
+    /// See [zbus::Address::system] for more details.
+    /// </div>
     pub fn system() -> Result<Self> {
         block_on(crate::Connection::system()).map(Self::from)
     }
diff --git a/zbus/src/connection/builder.rs b/zbus/src/connection/builder.rs
@@ -78,6 +78,14 @@ impl<'a> Builder<'a> {
     }
 
     /// Create a builder for the system-wide message bus connection.
+    ///
+    /// # Security
+    ///
+    /// <div class="warning">
+    ///
+    /// `zbus` does not validate the address used by this builder's connection.
+    /// See [zbus::Address::system] for more details.
+    /// </div>
     pub fn system() -> Result<Self> {
         Ok(Self::new(Target::Address(Address::system()?)))
     }
diff --git a/zbus/src/connection/mod.rs b/zbus/src/connection/mod.rs
@@ -1193,6 +1193,14 @@ impl Connection {
     }
 
     /// Create a `Connection` to the system-wide message bus.
+    ///
+    /// # Security
+    ///
+    /// <div class="warning">
+    ///
+    /// `zbus` does not validate the address used by this connection.
+    /// See [zbus::Address::system] for more details.
+    /// </div>
     pub async fn system() -> Result<Self> {
         Builder::system()?.build().await
     }

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,14 @@ impl<'a> Builder<'a> {`
`30`	`30`	`}`
`31`	`31`
`32`	`32`	`/// Create a builder for the system-wide message bus connection.`
	`33`	`+ ///`
	`34`	`+ /// # Security`
	`35`	`+ ///`
	`36`	`+ /// <div class="warning">`
	`37`	`+ ///`
	`38`	+ /// `zbus` does not validate the address used by this builder's connection.
	`39`	`+ /// See [zbus::Address::system] for more details.`
	`40`	`+ /// </div>`
`33`	`41`	`pub fn system() -> Result<Self> {`
`34`	`42`	`crate::connection::Builder::system().map(Self)`
`35`	`43`	`}`
Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,14 @@ impl Connection {`
`33`	`33`	`}`
`34`	`34`
`35`	`35`	/// Create a `Connection` to the system-wide message bus.
	`36`	`+ ///`
	`37`	`+ /// # Security`
	`38`	`+ ///`
	`39`	`+ /// <div class="warning">`
	`40`	`+ ///`
	`41`	+ /// `zbus` does not validate the address used by this connection.
	`42`	`+ /// See [zbus::Address::system] for more details.`
	`43`	`+ /// </div>`
`36`	`44`	`pub fn system() -> Result<Self> {`
`37`	`45`	`block_on(crate::Connection::system()).map(Self::from)`
`38`	`46`	`}`
Original file line number	Diff line number	Diff line change
`@@ -78,6 +78,14 @@ impl<'a> Builder<'a> {`
`78`	`78`	`}`
`79`	`79`
`80`	`80`	`/// Create a builder for the system-wide message bus connection.`
	`81`	`+ ///`
	`82`	`+ /// # Security`
	`83`	`+ ///`
	`84`	`+ /// <div class="warning">`
	`85`	`+ ///`
	`86`	+ /// `zbus` does not validate the address used by this builder's connection.
	`87`	`+ /// See [zbus::Address::system] for more details.`
	`88`	`+ /// </div>`
`81`	`89`	`pub fn system() -> Result<Self> {`
`82`	`90`	`Ok(Self::new(Target::Address(Address::system()?)))`
`83`	`91`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1193,6 +1193,14 @@ impl Connection {`
`1193`	`1193`	`}`
`1194`	`1194`
`1195`	`1195`	/// Create a `Connection` to the system-wide message bus.
	`1196`	`+ ///`
	`1197`	`+ /// # Security`
	`1198`	`+ ///`
	`1199`	`+ /// <div class="warning">`
	`1200`	`+ ///`
	`1201`	+ /// `zbus` does not validate the address used by this connection.
	`1202`	`+ /// See [zbus::Address::system] for more details.`
	`1203`	`+ /// </div>`
`1196`	`1204`	`pub async fn system() -> Result<Self> {`
`1197`	`1205`	`Builder::system()?.build().await`
`1198`	`1206`	`}`