The Plan for CVE-2008-4311
Scott James Remnant
scott at canonical.com
Tue Jan 13 15:28:58 PST 2009
On Tue, 2009-01-13 at 15:09 -0500, Colin Walters wrote:
> On Tue, Jan 13, 2009 at 2:44 PM, Scott James Remnant
> <scott at canonical.com> wrote:
>
> > If we don't want to support such a thing, then my argument is moot ;)
> > We should document that the only way to have such private signals is by
> > explicit destination when you send it.
>
> Right; I think that would be a reasonable answer, though the binding
> state for unicast signals is not very good. The other answer here is
> that you use method calls to unique bus names in the "agent pattern"
> that bluetooth uses.
>
Given that, now seems as good a opportunity as any to look at the
system.d files and see if they can't be written in a rather less
difficult language.
Your service idea would work, but still has the downside that it's
probably more complex than needs be?
I'd go with something even simpler:
<service name="org.freedesktop.Hal" user="root">
<allow interface="org.freedesktop.Hal.EraseMyDisks" user=root" />
<allow interface="org.freedesktop.Hal.GetDiskGeometry" />
</service>
(The distinction between send/receive has always been confusing ;p)
Scott
--
Scott James Remnant
scott at canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part
Url : http://lists.freedesktop.org/archives/dbus/attachments/20090113/3e25c981/attachment.pgp
More information about the dbus
mailing list