fix(wallpapercache): restrict bus name ownership

[mhduiy]

Summary

• Remove default ownership permission for org.deepin.dde.WallpaperCache on the system bus
• Keep method call permissions unchanged for existing callers
• Limit service name ownership to root and deepin-daemon

Test

• xmllint --noout src/plugin-qt/wallpapercache/misc/org.deepin.dde.WallpaperCache.conf
• git diff --check -- src/plugin-qt/wallpapercache/misc/org.deepin.dde.WallpaperCache.conf

PMS: BUG-365669

Summary by Sourcery

Enhancements:

• Remove default permission for arbitrary clients to own the org.deepin.dde.WallpaperCache D-Bus name on the system bus, limiting service name ownership to privileged components.

[sourcery-ai]

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

Adjusts the D-Bus policy for org.deepin.dde.WallpaperCache to remove default bus name ownership while preserving method call permissions, restricting service name ownership to privileged users (root and deepin-daemon).

File-Level Changes

Change	Details	Files
Tighten D-Bus service ownership policy for org.deepin.dde.WallpaperCache while keeping call permissions unchanged for clients.	Remove the default policy rule that granted any caller ownership of the org.deepin.dde.WallpaperCache bus name. Retain the allow rules that permit sending messages to org.deepin.dde.WallpaperCache and its standard D-Bus interfaces, keeping existing call behavior intact. Ensure the D-Bus configuration remains well-formed XML and consistent with packaging checks.	src/plugin-qt/wallpapercache/misc/org.deepin.dde.WallpaperCache.conf debian/control

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: mhduiy, robertkill

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[mhduiy]

/forcemerge

[deepin-bot]

This pr force merged! (status: blocked)

[deepin-ci-robot]

deepin pr auto review

这个diff显示了一个DBus配置文件org.deepin.dde.WallpaperCache.conf的修改，主要是移除了<allow own="org.deepin.dde.WallpaperCache"/>这一行。让我对此变更进行审查：

语法逻辑

• 语法上没有问题，这是一个有效的DBus配置文件变更。
• 移除<allow own="org.deepin.dde.WallpaperCache"/>意味着不再允许任何进程拥有(org)这个DBus名称。

代码质量

• 配置文件格式规范，XML结构完整。
• 注释清晰，有助于理解配置意图。

代码性能

• 这个变更对性能没有直接影响，因为它涉及的是访问控制策略，而不是功能实现。

代码安全

• 这是一个重要的安全变更。移除<allow own="org.deepin.dde.WallpaperCache"/>会限制哪些进程可以拥有这个DBus名称。
• 原来的配置允许任何进程拥有这个名称，这可能存在安全风险，因为恶意程序可能会尝试获取这个名称并提供虚假服务。
• 新配置更加安全，因为它只明确允许发送消息到这个目的地，而不允许拥有这个名称。

改进建议

1. 建议添加注释说明为什么移除了<allow own="org.deepin.dde.WallpaperCache"/>这一行，以便其他开发者理解这个安全变更的原因。
2. 考虑是否需要添加更具体的<allow>规则来明确哪些特定的进程或用户组应该拥有这个名称，而不是完全禁止任何进程拥有它。如果确实需要某些特定进程拥有这个名称，可以使用类似以下的规则：

   <allow own="org.deepin.dde.WallpaperCache" user="wallpaper-user"/>
   

3. 确保移除这个规则不会影响系统的正常功能，特别是那些依赖于拥有这个DBus名称的合法进程。

总体而言，这是一个合理的安全改进，通过限制DBus名称的拥有权限来减少潜在的安全风险。但建议添加适当的注释，并确保不会影响系统的正常功能。