libosso review, take 2. Thanks for fixing most of the issues. However, the system dbus policy is still a single huge security trojan horse. Please rewrite it completely in a restrictive manner, precisely define which user can own the osso dbus service and who can connect to it (and which restrictions apply to privileged functions). Please take a look at the numerous examples in /etc/dbus/system.d/.
libosso review, take 2. Thanks for fixing most of the issues. However, the system dbus policy is still a single huge security trojan horse. Please rewrite it completely in a restrictive manner, precisely define which user can own the osso dbus service and who can connect to it (and which restrictions apply to privileged functions). Please take a look at the numerous examples in /etc/dbus/ system. d/.
Thank you! Martin