The package contains D-Bus policy configuration that matches broad classes of messages. This will cause strange side-effects, is almost certainly unintended, and is a probable security flaw.
<policy user="daemon"> <allow send_type="method_call"/> <allow send_destination="com.example.Bees"/> </policy>
in any system bus policy file would allow the
daemon user to send
any method call to any service, including method calls which are meant to
be restricted to root-only for security, such as
org.freedesktop.systemd1.Manager.StartTransientUnit. (In addition,
it allows that user to send any message to the
The intended policy for that particular example was probably more like
<policy user="daemon"> <allow send_type="method_call" send_destination="com.example.Bees"/> </policy>
which correctly allows method calls to that particular service only.