Lintian tag information: dbus-policy-without-send-destination (type: warning)

Description (from lintian-explain-tags)

The package contains D-Bus policy configuration that uses one of the
send_* conditions, but does not specify a send_destination, and is not
specific to root.

Rules of the form

<allow send_interface="com.example.MyInterface"/>

allow messages with the given interface to be sent to *any* service, not
just the one installing the rule, which is rarely what was intended.

Similarly, on the system bus, rules of the form

<deny send_interface="com.example.MyInterface"/>

are redundant with the system bus's default-deny policy, and have
unintended effects on other services.

This check ignores rules of the form

<policy user="root">
<allow ... />
</policy>

which are commonly used for the "agent" pattern seen in services like
BlueZ and NetworkManager: a root-privileged daemon calls out to one or
more per-user user interface agent processes with no specific name, so
send_destination is not easily applicable. However, such rules should
still be made as specific as possible to avoid undesired side-effects.

Please refer to https://bugs.freedesktop.org/show_bug.cgi?id=18961 and
http://lists.freedesktop.org/archives/dbus/2008-February/009401.html for
details.

Visibility: warning
Show-Always: no
Check: desktop/dbus

Show affected packages