We need to do something like inject a wrapper for yum that disables the /run/dbus access; package scripts shouldn't see the host services. There may be unexpected polkit escalations in the unprivileged case, and in the privileged toolbox case it's much more problematic.
We need to do something like inject a wrapper for
yum
that disables the/run/dbus
access; package scripts shouldn't see the host services. There may be unexpected polkit escalations in the unprivileged case, and in the privileged toolbox case it's much more problematic.