Revert "dbus: allow system, and session bus clients to answer to dbus…

… unconfined domains" Is considered a "security hole" This reverts commit 6bef7a1.
TresysTechnology · Jul 28, 2016 · bc14741 · bc14741
1 parent 3c2cbee
commit bc14741
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/dbus.te b/dbus.te
@@ -248,5 +248,5 @@ optional_policy(`
 # Unconfined access to this module
 #
 
-allow dbusd_unconfined { system_dbusd_t session_bus_type dbusd_session_bus_client dbusd_system_bus_client }:dbus all_dbus_perms;
-allow { dbusd_session_bus_client dbusd_system_bus_client } dbusd_unconfined:dbus send_msg;
+allow dbusd_unconfined { dbusd_session_bus_client dbusd_system_bus_client }:dbus send_msg;
+allow dbusd_unconfined { system_dbusd_t session_bus_type }:dbus all_dbus_perms;