Bug 476718

Summary: Change for yum-updatesd shipped with yum, to avoid use of bare send_interface dbus policy rules
Product: [Fedora] Fedora Reporter: Colin Walters <walters>
Component: yum-updatesdAssignee: Jeremy Katz <katzj>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: ffesti, james.antill, katzj, pmatilai, tim.lauridsen
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-01-15 23:17:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
avoid use of bare send_interface none

Description Colin Walters 2008-12-16 18:43:06 UTC
Created attachment 327143 [details]
avoid use of bare send_interface

Summary: Bare <deny send_interface> rules are bad.
References:
http://bugs.freedesktop.org/show_bug.cgi?id=18961
http://lists.freedesktop.org/archives/dbus/2008-December/010759.html

Comment 1 seth vidal 2008-12-16 20:49:06 UTC
So do these lines do nothing anyway? B/c I'm a little fuzzy on how that patch fixes things.

Comment 2 Colin Walters 2008-12-18 14:58:56 UTC
They something, but more than we want (detailed in the bug report).  Removing them is safe because they are redundant with the send_destination rule.

(Yes, the policy language is confusing as hell and basically busted; I'm just trying to get everything on a common sane base and then am considering doing a new config format)

Comment 3 Colin Walters 2008-12-18 14:59:12 UTC
s/They something/They do do something/

Comment 4 James Antill 2009-01-14 15:39:19 UTC
Not sure how much we care about this, given no sane person should be using that version of yum-updatesd ... Colin do we want another BZ for the real yum-updatesd?

Comment 5 Colin Walters 2009-01-15 15:21:37 UTC
The real one?  Oh, I see it's in a different package.  I'll just move this one.

Comment 6 Jeremy Katz 2009-01-15 23:17:53 UTC
Fixed upstream