The Plan for CVE-2008-4311

Scott James Remnant scott at
Tue Jan 13 15:28:58 PST 2009

On Tue, 2009-01-13 at 15:09 -0500, Colin Walters wrote:

> On Tue, Jan 13, 2009 at 2:44 PM, Scott James Remnant
> <scott at> wrote:
> > If we don't want to support such a thing, then my argument is moot ;)
> > We should document that the only way to have such private signals is by
> > explicit destination when you send it.
> Right; I think that would be a reasonable answer, though the binding
> state for unicast signals is not very good.  The other answer here is
> that you use method calls to unique bus names in the "agent pattern"
> that bluetooth uses.
Given that, now seems as good a opportunity as any to look at the
system.d files and see if they can't be written in a rather less
difficult language.

Your service idea would work, but still has the downside that it's
probably more complex than needs be?

I'd go with something even simpler:

<service name="org.freedesktop.Hal" user="root">
  <allow interface="org.freedesktop.Hal.EraseMyDisks" user=root" />
  <allow interface="org.freedesktop.Hal.GetDiskGeometry" />

(The distinction between send/receive has always been confusing ;p)

Scott James Remnant
scott at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : 

More information about the dbus mailing list