I vaguely recall a discussion about this that I think ended up at the conclusion that the unit of security granularity should be the service; i.e. not interfaces or methods.
In other words the config file for 3rd party services should just be:
<user="root"> <allow service="org.freedesktop.ConsoleKit"/> </user>
This would fit in with the trend of using PolicyKit for more fine grained authorization too.
I vaguely recall a discussion about this that I think ended up at the conclusion that the unit of security granularity should be the service; i.e. not interfaces or methods.
In other words the config file for 3rd party services should just be:
<user="root"> "org.freedeskto p.ConsoleKit" />
<allow service=
</user>
This would fit in with the trend of using PolicyKit for more fine grained authorization too.