diff --git a/bus/bus.c b/bus/bus.c
index e24504c3..a514e31d 100644
--- a/bus/bus.c
+++ b/bus/bus.c
@@ -526,6 +526,18 @@ process_config_every_time (BusContext      *context,
   context->policy = bus_config_parser_steal_policy (parser);
   _dbus_assert (context->policy != NULL);
 
+  /* context->connections is NULL when creating new BusContext */
+  if (context->connections)
+    {
+      _dbus_verbose ("Reload policy rules for completed connections\n");
+      retval = bus_connections_reload_policy (context->connections, error);
+      if (!retval)
+        {
+          _DBUS_ASSERT_ERROR_IS_SET (error);
+          goto failed;
+        }
+    }
+
   /* We have to build the address backward, so that
    * <listen> later in the config file have priority
    */
diff --git a/bus/connection.c b/bus/connection.c
index fddbc78a..8d741d6f 100644
--- a/bus/connection.c
+++ b/bus/connection.c
@@ -1435,6 +1435,42 @@ fail:
   return FALSE;
 }
 
+dbus_bool_t
+bus_connections_reload_policy (BusConnections *connections,
+                               DBusError      *error)
+{
+  BusConnectionData *d;
+  DBusConnection *connection;
+  DBusList *link;
+
+  _dbus_assert (connections != NULL);
+  _DBUS_ASSERT_ERROR_IS_CLEAR (error);
+
+  for (link = _dbus_list_get_first_link (&(connections->completed));
+       link;
+       link = _dbus_list_get_next_link (&(connections->completed), link))
+    {
+      connection = link->data;
+      d = BUS_CONNECTION_DATA (connection);
+      _dbus_assert (d != NULL);
+      _dbus_assert (d->policy != NULL);
+
+      bus_client_policy_unref (d->policy);
+      d->policy = bus_context_create_client_policy (connections->context,
+                                                    connection,
+                                                    error);
+      if (d->policy == NULL)
+        {
+          _dbus_verbose ("Failed to create security policy for connection %p\n",
+                      connection);
+          _DBUS_ASSERT_ERROR_IS_SET (error);
+          return FALSE;
+        }
+    }
+
+  return TRUE;
+}
+
 const char *
 bus_connection_get_name (DBusConnection *connection)
 {
diff --git a/bus/connection.h b/bus/connection.h
index c9360212..13c8b99f 100644
--- a/bus/connection.h
+++ b/bus/connection.h
@@ -45,6 +45,8 @@ void            bus_connections_foreach_active    (BusConnections
                                                    void                         *data);
 BusContext*     bus_connections_get_context       (BusConnections               *connections);
 void            bus_connections_increment_stamp   (BusConnections               *connections);
+dbus_bool_t     bus_connections_reload_policy     (BusConnections               *connections,
+                                                   DBusError                    *error);
 BusContext*     bus_connection_get_context        (DBusConnection               *connection);
 BusConnections* bus_connection_get_connections    (DBusConnection               *connection);
 BusRegistry*    bus_connection_get_registry       (DBusConnection               *connection);