summaryrefslogtreecommitdiff
path: root/doc/dbus-specification.xml
diff options
context:
space:
mode:
Diffstat (limited to 'doc/dbus-specification.xml')
-rw-r--r--doc/dbus-specification.xml9
1 files changed, 9 insertions, 0 deletions
diff --git a/doc/dbus-specification.xml b/doc/dbus-specification.xml
index 865a8bff..629ab10c 100644
--- a/doc/dbus-specification.xml
+++ b/doc/dbus-specification.xml
@@ -1700,6 +1700,15 @@
message as though it had an arbitrary one of those interfaces.
</para>
<para>
+ In some situations (such as the well-known system bus), messages
+ are filtered through an access-control list external to the
+ remote object implementation. If that filter rejects certain
+ messages by matching their interface, or accepts only messages
+ to specific interfaces, it must also reject messages that have no
+ <literal>INTERFACE</literal>: otherwise, malicious
+ applications could use this to bypass the filter.
+ </para>
+ <para>
Method call messages also include a <literal>PATH</literal> field
indicating the object to invoke the method on. If the call is passing
through a message bus, the message will also have a