add a <deny> statement to prevent regular users from invoking any
methods on hostname1's interface, which all set details only root
should be able to set
<policy context="default">
<allow send_destination="org.freedesktop.hostname1"/>
<allow receive_sender="org.freedesktop.hostname1"/>
<policy context="default">
<allow send_destination="org.freedesktop.hostname1"/>
<allow receive_sender="org.freedesktop.hostname1"/>
+
+ <deny send_destination="org.freedesktop.hostname1"
+ send_interface="org.freedesktop.hostname1"
+ send_type="method_call"/>