Created an attachment (id=20397)
Possible system.conf change
What about this change for system.conf? It restricts send_requested_reply rule, so it should deal with all unintended method calls. It also tries to set correct expectations wrt future of the receive_requested_reply rule.
This should resolve the problem without need for immediate fix of all applications using system bus. Creating allow receive_interface= rules for all interfaces implemented by any application using the bus would result in a similarly secure policy as one with current receive_requested_reply rule. Not being able to check destination in receive rules still seems quite limiting to me.
Created an attachment (id=20397)
Possible system.conf change
What about this change for system.conf? It restricts send_requested_ reply rule, so it should deal with all unintended method calls. It also tries to set correct expectations wrt future of the receive_ requested_ reply rule.
This should resolve the problem without need for immediate fix of all applications using system bus. Creating allow receive_interface= rules for all interfaces implemented by any application using the bus would result in a similarly secure policy as one with current receive_ requested_ reply rule. Not being able to check destination in receive rules still seems quite limiting to me.