Comment 19 for bug 306362

In , Thoger-redhat (thoger-redhat) wrote :

Created an attachment (id=20397)
Possible system.conf change

What about this change for system.conf? It restricts the send_requested_reply rule, so it should deal with all unintended method calls. It also tries to set correct expectations wrt the future of the receive_requested_reply rule.

This should resolve the problem without the need for an immediate fix of all applications using the system bus. Creating allow receive_interface= rules for all interfaces implemented by any application using the bus would result in a policy similarly secure to one with the current receive_requested_reply rule. Not being able to check the destination in receive rules still seems quite limiting to me.