The Plan for CVE-2008-4311

Scott James Remnant scott at
Mon Dec 22 00:44:03 PST 2008

On Wed, 2008-12-17 at 18:10 -0500, Colin Walters wrote:

> Concurrently, we apply these fixes to continuing the 1.2.X stream.
> The primary difference between 1.2.X and 1.2.4.Xpermissive is simply
> the default policy for method calls.  In 1.2.X it will be deny (as
> intended originally), and 1.2.4.Xpermissive it will be permissive.
I'd like to see the default for signals be deny as well, since we're
fixing application policy anyway, we should fix the apps to allow others
to receive their signals.

Scott James Remnant
scott at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : 

More information about the dbus mailing list