1 <policy-set id="Tizen-Policy" combine="first-matching-target">
2 <policy id="Tizen-Policy-Plaform-API" description="Plaform API" combine="permit-overrides">
3 <!-- Plaform API. This is finger-print of -->
6 <subject-match attr="distributor-key-root-fingerprint" func="equal">
7 sha-1 B0:5F:40:43:71:1F:11:BC:9A:6A:62:FA:DA:92:54:79:92:16:11:DF
11 <subject-match attr="distributor-key-root-fingerprint" func="equal">
12 sha-1 2A:74:E8:CF:9E:0F:C3:D9:80:48:8B:E7:86:F7:83:49:91:11:E1:E0
15 <!-- Plaform API. This is finger-print of tizen-platform-class-developer-root.pem-->
17 <subject-match attr="distributor-key-root-fingerprint" func="equal">
18 sha-1 92:05:15:EE:A4:7A:EC:36:ED:41:9D:F8:F6:46:00:F4:A4:FB:16:74
21 <!-- Plaform API. This is finger-print of tizen-platform-class-root-authority.pem-->
23 <subject-match attr="distributor-key-root-fingerprint" func="equal">
24 sha-1 76:9F:5B:68:84:D0:21:92:5D:0C:1E:94:40:EC:D5:4E:21:2F:5A:43
29 <rule effect="permit">
30 <condition combine="or">
31 <resource-match attr="device-cap" func="equal" match="tizen" />
35 <rule effect="permit">
36 <condition combine="or">
37 <resource-match attr="device-cap" func="equal" match="alarm" />
41 <!-- access to application -->
42 <rule effect="permit">
43 <condition combine="or">
44 <resource-match attr="device-cap" func="equal" match="application.launch" />
45 <resource-match attr="device-cap" func="equal" match="appmanager.kill" />
46 <resource-match attr="device-cap" func="equal" match="appmanager.certificate" />
50 <!-- access to bookmark -->
51 <rule effect="permit">
52 <condition combine="or">
53 <resource-match attr="device-cap" func="equal" match="bookmark.read" />
54 <resource-match attr="device-cap" func="equal" match="bookmark.write" />
58 <!-- access to package -->
59 <rule effect="permit">
60 <condition combine="or">
61 <resource-match attr="device-cap" func="equal" match="packagemanager.install" />
62 <resource-match attr="device-cap" func="equal" match="package.info" />
66 <!-- access to bluetooth -->
67 <rule effect="permit">
68 <condition combine="or">
69 <resource-match attr="device-cap" func="equal" match="bluetoothmanager" />
70 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
71 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
72 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
76 <!-- access to calendar -->
77 <rule effect="permit">
78 <condition combine="or">
79 <resource-match attr="device-cap" func="equal" match="calendar.read" />
80 <resource-match attr="device-cap" func="equal" match="calendar.write" />
84 <!-- access to call history -->
85 <rule effect="permit">
86 <condition combine="or">
87 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
88 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
92 <!-- access to contact -->
93 <rule effect="permit">
94 <condition combine="or">
95 <resource-match attr="device-cap" func="equal" match="contact.read" />
96 <resource-match attr="device-cap" func="equal" match="contact.write" />
100 <!-- access to content -->
101 <rule effect="permit">
102 <condition combine="or">
103 <resource-match attr="device-cap" func="equal" match="content.read" />
104 <resource-match attr="device-cap" func="equal" match="content.write" />
108 <rule effect="permit">
109 <condition combine="or">
110 <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" />
114 <!-- access to download feature -->
115 <rule effect="permit">
116 <condition combine="or">
117 <resource-match attr="device-cap" func="equal" match="download" />
121 <rule effect="permit">
122 <condition combine="or">
123 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
124 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
128 <rule effect="permit">
129 <condition combine="or">
130 <resource-match attr="device-cap" func="equal" match="messaging.read" />
131 <resource-match attr="device-cap" func="equal" match="messaging.write" />
133 <resource-match attr="device-cap" func="equal" match="messaging.send" />
137 <rule effect="permit">
138 <condition combine="or">
139 <resource-match attr="device-cap" func="equal" match="messageport" />
143 <rule effect="permit">
144 <condition combine="or">
145 <resource-match attr="device-cap" func="equal" match="networkbearerselection" />
149 <!-- access to NFC -->
150 <rule effect="permit">
151 <condition combine="or">
152 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
153 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
154 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
155 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
156 <resource-match attr="device-cap" func="equal" match="nfc.common" />
160 <rule effect="permit">
161 <condition combine="or">
162 <resource-match attr="device-cap" func="equal" match="notification" />
166 <!-- access to power feature -->
167 <rule effect="permit">
168 <condition combine="or">
169 <resource-match attr="device-cap" func="equal" match="power" />
173 <!-- access to datasync -->
174 <rule effect="permit">
175 <condition combine="or">
176 <resource-match attr="device-cap" func="equal" match="datasync" />
180 <!-- access to push feature -->
181 <rule effect="permit">
182 <condition combine="or">
183 <resource-match attr="device-cap" func="equal" match="push" />
187 <!-- access to system setting -->
188 <rule effect="permit">
189 <condition combine="or">
190 <resource-match attr="device-cap" func="equal" match="setting" />
194 <!-- access to systeminfo -->
195 <rule effect="permit">
196 <condition combine="or">
197 <resource-match attr="device-cap" func="equal" match="system.info" />
198 <resource-match attr="device-cap" func="equal" match="systemmanager.info" />
202 <rule effect="permit">
203 <condition combine="or">
204 <resource-match attr="device-cap" func="equal" match="secureelement" />
205 <resource-match attr="device-cap" func="equal" match="se" />
209 <!-- Belows will be removed -->
210 <!-- access to timeutil -->
211 <rule effect="permit">
212 <condition combine="or">
213 <resource-match attr="device-cap" func="equal" match="time" />
217 <rule effect="permit">
218 <condition combine="or">
219 <resource-match attr="device-cap" func="equal" match="log" />
223 <rule effect="permit">
224 <condition combine="or">
225 <resource-match attr="device-cap" func="equal" match="account.read" />
226 <resource-match attr="device-cap" func="equal" match="account.write" />
230 <rule effect="permit">
231 <condition combine="or">
232 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
236 <!-- access to external network -->
237 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
238 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
239 <rule effect="permit">
240 <condition combine="or">
241 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
242 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
246 <!-- access to external network on roaming status -->
247 <rule effect="permit">
248 <condition combine="and">
249 <condition combine="or">
250 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
251 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
253 <environment-match attr="roaming" match="true" />
257 <rule effect="deny" />
260 <policy id="Tizen-Policy-Partner-API" description="Partner API" combine="permit-overrides">
261 <!-- Partner API. This is finger-print of tizen-distributor-root-ca-partner.pem -->
264 <subject-match attr="distributor-key-root-fingerprint" func="equal">
265 sha-1 67:37:DE:B7:B9:9D:D2:DB:A5:2C:42:DE:CB:2F:2C:3E:33:97:E1:85
268 <!-- Partner API. This is finger-print of tizen-distributor-root-ca-partner.pem -->
270 <subject-match attr="distributor-key-root-fingerprint" func="equal">
271 sha-1 94:A1:ED:C3:2F:CB:FD:6A:EE:3E:7E:1A:53:F1:55:34:36:01:E9:3F
274 <!-- Partner API. This is finger-print of tizen-partner-class-developer-root.pem -->
276 <subject-match attr="distributor-key-root-fingerprint" func="equal">
277 sha-1 DE:F9:4F:17:12:3A:CD:0D:42:7B:A2:C8:95:42:67:2B:50:8F:B6:FF
282 <rule effect="permit">
283 <condition combine="or">
284 <resource-match attr="device-cap" func="equal" match="tizen" />
288 <rule effect="permit">
289 <condition combine="or">
290 <resource-match attr="device-cap" func="equal" match="alarm" />
294 <!-- access to application -->
295 <rule effect="permit">
296 <condition combine="or">
297 <resource-match attr="device-cap" func="equal" match="application.launch" />
298 <resource-match attr="device-cap" func="equal" match="appmanager.kill" />
299 <resource-match attr="device-cap" func="equal" match="appmanager.certificate" />
303 <!-- access to package -->
304 <rule effect="permit">
305 <condition combine="or">
306 <resource-match attr="device-cap" func="equal" match="package.info" />
310 <!-- access to bluetooth -->
311 <rule effect="permit">
312 <condition combine="or">
313 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
314 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
315 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
319 <!-- access to calendar -->
320 <rule effect="permit">
321 <condition combine="or">
322 <resource-match attr="device-cap" func="equal" match="calendar.read" />
323 <resource-match attr="device-cap" func="equal" match="calendar.write" />
327 <!-- access to call history -->
328 <rule effect="permit">
329 <condition combine="or">
330 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
331 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
335 <!-- access to contact -->
336 <rule effect="permit">
337 <condition combine="or">
338 <resource-match attr="device-cap" func="equal" match="contact.read" />
339 <resource-match attr="device-cap" func="equal" match="contact.write" />
343 <!-- access to content -->
344 <rule effect="permit">
345 <condition combine="or">
346 <resource-match attr="device-cap" func="equal" match="content.read" />
347 <resource-match attr="device-cap" func="equal" match="content.write" />
351 <rule effect="permit">
352 <condition combine="or">
353 <resource-match attr="device-cap" func="equal" match="datacontrol.consumer" />
357 <!-- access to download feature -->
358 <rule effect="permit">
359 <condition combine="or">
360 <resource-match attr="device-cap" func="equal" match="download" />
364 <rule effect="permit">
365 <condition combine="or">
366 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
367 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
371 <rule effect="permit">
372 <condition combine="or">
373 <resource-match attr="device-cap" func="equal" match="messaging.read" />
374 <resource-match attr="device-cap" func="equal" match="messaging.write" />
376 <resource-match attr="device-cap" func="equal" match="messaging.send" />
380 <rule effect="permit">
381 <condition combine="or">
382 <resource-match attr="device-cap" func="equal" match="messageport" />
386 <rule effect="permit">
387 <condition combine="or">
388 <resource-match attr="device-cap" func="equal" match="networkbearerselection" />
392 <!-- access to NFC -->
393 <rule effect="permit">
394 <condition combine="or">
395 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
396 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
397 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
398 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
399 <resource-match attr="device-cap" func="equal" match="nfc.common" />
403 <rule effect="permit">
404 <condition combine="or">
405 <resource-match attr="device-cap" func="equal" match="notification" />
409 <!-- access to power feature -->
410 <rule effect="permit">
411 <condition combine="or">
412 <resource-match attr="device-cap" func="equal" match="power" />
416 <!-- access to datasync -->
417 <rule effect="permit">
418 <condition combine="or">
419 <resource-match attr="device-cap" func="equal" match="datasync" />
423 <!-- access to push feature -->
424 <rule effect="permit">
425 <condition combine="or">
426 <resource-match attr="device-cap" func="equal" match="push" />
430 <!-- access to system setting -->
431 <rule effect="permit">
432 <condition combine="or">
433 <resource-match attr="device-cap" func="equal" match="setting" />
437 <!-- access to systeminfo -->
438 <rule effect="permit">
439 <condition combine="or">
440 <resource-match attr="device-cap" func="equal" match="system.info" />
441 <resource-match attr="device-cap" func="equal" match="systemmanager.info" />
445 <rule effect="permit">
446 <condition combine="or">
447 <resource-match attr="device-cap" func="equal" match="secureelement" />
448 <resource-match attr="device-cap" func="equal" match="se" />
452 <!-- Belows will be removed -->
453 <!-- access to timeutil -->
454 <rule effect="permit">
455 <condition combine="or">
456 <resource-match attr="device-cap" func="equal" match="time" />
460 <rule effect="permit">
461 <condition combine="or">
462 <resource-match attr="device-cap" func="equal" match="log" />
466 <rule effect="permit">
467 <condition combine="or">
468 <resource-match attr="device-cap" func="equal" match="account.read" />
469 <resource-match attr="device-cap" func="equal" match="account.write" />
473 <rule effect="permit">
474 <condition combine="or">
475 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
479 <!-- access to external network -->
480 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
481 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
482 <rule effect="permit">
483 <condition combine="or">
484 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
485 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
489 <!-- access to external network on roaming status -->
490 <rule effect="permit">
491 <condition combine="and">
492 <condition combine="or">
493 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
494 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
496 <environment-match attr="roaming" match="true" />
500 <rule effect="deny" />
503 <policy id="Tizen-Policy-Public-API" description="Public API" combine="permit-overrides">
505 <!-- Plaform API. This is finger-print of tizen-distributor-root-ca-public.pem-->
507 <subject-match attr="distributor-key-root-fingerprint" func="equal">
508 sha-1 04:C5:A6:1D:75:BB:F5:5C:0F:A2:66:F6:09:4D:9B:2B:5F:3B:44:AE
511 <!-- Plaform API. This is finger-print of tizen-public-class-root-authority.pem-->
513 <subject-match attr="distributor-key-root-fingerprint" func="equal">
514 sha-1 A1:3F:15:2E:93:EB:80:36:F5:E0:BD:DA:8E:A5:4B:38:8A:6A:EB:E6
518 <subject-match attr="distributor-key-root-fingerprint" func="equal">
519 sha-1 5A:C1:18:AC:6E:C7:EA:27:59:7D:5F:5A:1D:19:85:3D:A2:95:D5:18
524 <rule effect="permit">
525 <condition combine="or">
526 <resource-match attr="device-cap" func="equal" match="tizen" />
530 <rule effect="permit">
531 <condition combine="or">
532 <resource-match attr="device-cap" func="equal" match="alarm" />
536 <!-- access to application -->
537 <rule effect="permit">
538 <condition combine="or">
539 <resource-match attr="device-cap" func="equal" match="application.launch" />
543 <!-- access to package -->
544 <rule effect="permit">
545 <condition combine="or">
546 <resource-match attr="device-cap" func="equal" match="package.info" />
550 <!-- access to bluetooth -->
551 <rule effect="permit">
552 <condition combine="or">
553 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
554 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
555 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
559 <!-- access to calendar -->
560 <rule effect="permit">
561 <condition combine="or">
562 <resource-match attr="device-cap" func="equal" match="calendar.read" />
563 <resource-match attr="device-cap" func="equal" match="calendar.write" />
567 <!-- access to call history -->
568 <rule effect="permit">
569 <condition combine="or">
570 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
571 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
575 <!-- access to contact -->
576 <rule effect="permit">
577 <condition combine="or">
578 <resource-match attr="device-cap" func="equal" match="contact.read" />
579 <resource-match attr="device-cap" func="equal" match="contact.write" />
583 <!-- access to content -->
584 <rule effect="permit">
585 <condition combine="or">
586 <resource-match attr="device-cap" func="equal" match="content.read" />
587 <resource-match attr="device-cap" func="equal" match="content.write" />
591 <!-- access to download feature -->
592 <rule effect="permit">
593 <condition combine="or">
594 <resource-match attr="device-cap" func="equal" match="download" />
598 <rule effect="permit">
599 <condition combine="or">
600 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
601 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
605 <rule effect="permit">
606 <condition combine="or">
607 <resource-match attr="device-cap" func="equal" match="messaging.read" />
608 <resource-match attr="device-cap" func="equal" match="messaging.write" />
610 <resource-match attr="device-cap" func="equal" match="messaging.send" />
614 <rule effect="permit">
615 <condition combine="or">
616 <resource-match attr="device-cap" func="equal" match="messageport" />
620 <!-- access to NFC -->
621 <rule effect="permit">
622 <condition combine="or">
623 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
624 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
625 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
626 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
627 <resource-match attr="device-cap" func="equal" match="nfc.common" />
631 <rule effect="permit">
632 <condition combine="or">
633 <resource-match attr="device-cap" func="equal" match="notification" />
637 <!-- access to power feature -->
638 <rule effect="permit">
639 <condition combine="or">
640 <resource-match attr="device-cap" func="equal" match="power" />
644 <!-- access to datasync -->
645 <rule effect="permit">
646 <condition combine="or">
647 <resource-match attr="device-cap" func="equal" match="datasync" />
651 <!-- access to push feature -->
652 <rule effect="permit">
653 <condition combine="or">
654 <resource-match attr="device-cap" func="equal" match="push" />
658 <!-- access to system setting -->
659 <rule effect="permit">
660 <condition combine="or">
661 <resource-match attr="device-cap" func="equal" match="setting" />
665 <!-- access to systeminfo -->
666 <rule effect="permit">
667 <condition combine="or">
668 <resource-match attr="device-cap" func="equal" match="system.info" />
672 <!-- Belows will be removed -->
673 <!-- access to timeutil -->
674 <rule effect="permit">
675 <condition combine="or">
676 <resource-match attr="device-cap" func="equal" match="time" />
680 <rule effect="permit">
681 <condition combine="or">
682 <resource-match attr="device-cap" func="equal" match="log" />
686 <rule effect="permit">
687 <condition combine="or">
688 <resource-match attr="device-cap" func="equal" match="account.read" />
689 <resource-match attr="device-cap" func="equal" match="account.write" />
693 <rule effect="permit">
694 <condition combine="or">
695 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
699 <!-- access to external network -->
700 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
701 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
702 <rule effect="permit">
703 <condition combine="or">
704 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
705 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
709 <!-- access to external network on roaming status -->
710 <rule effect="permit">
711 <condition combine="and">
712 <condition combine="or">
713 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
714 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
716 <environment-match attr="roaming" match="true" />
720 <rule effect="deny" />
723 <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides">
724 <!-- Specific Untrusted Policy for Tizen -->
726 <rule effect="permit">
727 <condition combine="or">
728 <resource-match attr="device-cap" func="equal" match="tizen" />
732 <rule effect="permit">
733 <condition combine="or">
734 <resource-match attr="device-cap" func="equal" match="alarm" />
738 <!-- access to application -->
739 <rule effect="permit">
740 <condition combine="or">
741 <resource-match attr="device-cap" func="equal" match="application.launch" />
745 <!-- access to package -->
746 <rule effect="permit">
747 <condition combine="or">
748 <!-- packagemanager.install (platform) -->
749 <!--<resource-match attr="device-cap" func="equal" match="packagemanager.install" />-->
750 <resource-match attr="device-cap" func="equal" match="package.info" />
754 <!-- access to bluetooth -->
755 <rule effect="permit">
756 <condition combine="or">
757 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
758 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
759 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
763 <!-- access to calendar -->
764 <rule effect="permit">
765 <condition combine="or">
766 <resource-match attr="device-cap" func="equal" match="calendar.read" />
767 <resource-match attr="device-cap" func="equal" match="calendar.write" />
771 <!-- access to call history -->
772 <rule effect="permit">
773 <condition combine="or">
774 <resource-match attr="device-cap" func="equal" match="callhistory.read" />
775 <resource-match attr="device-cap" func="equal" match="callhistory.write" />
779 <!-- access to contact -->
780 <rule effect="permit">
781 <condition combine="or">
782 <resource-match attr="device-cap" func="equal" match="contact.read" />
783 <resource-match attr="device-cap" func="equal" match="contact.write" />
787 <!-- access to content -->
788 <rule effect="permit">
789 <condition combine="or">
790 <resource-match attr="device-cap" func="equal" match="content.read" />
791 <resource-match attr="device-cap" func="equal" match="content.write" />
795 <!-- access to download feature -->
796 <rule effect="permit">
797 <condition combine="or">
798 <resource-match attr="device-cap" func="equal" match="download" />
802 <rule effect="permit">
803 <condition combine="or">
804 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
805 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
809 <rule effect="permit">
810 <condition combine="or">
811 <resource-match attr="device-cap" func="equal" match="messaging.read" />
812 <resource-match attr="device-cap" func="equal" match="messaging.write" />
814 <resource-match attr="device-cap" func="equal" match="messaging.send" />
818 <rule effect="permit">
819 <condition combine="or">
820 <resource-match attr="device-cap" func="equal" match="messageport" />
824 <!-- access to NFC -->
825 <rule effect="permit">
826 <condition combine="or">
827 <resource-match attr="device-cap" func="equal" match="nfc.admin" />
828 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
829 <resource-match attr="device-cap" func="equal" match="nfc.p2p" />
830 <resource-match attr="device-cap" func="equal" match="nfc.cardemulation" />
831 <resource-match attr="device-cap" func="equal" match="nfc.common" />
835 <rule effect="permit">
836 <condition combine="or">
837 <resource-match attr="device-cap" func="equal" match="notification" />
841 <!-- access to power feature -->
842 <rule effect="permit">
843 <condition combine="or">
844 <resource-match attr="device-cap" func="equal" match="power" />
848 <!-- access to datasync -->
849 <rule effect="permit">
850 <condition combine="or">
851 <resource-match attr="device-cap" func="equal" match="datasync" />
855 <!-- access to push feature -->
856 <rule effect="permit">
857 <condition combine="or">
858 <resource-match attr="device-cap" func="equal" match="push" />
862 <!-- access to system setting -->
863 <rule effect="permit">
864 <condition combine="or">
865 <resource-match attr="device-cap" func="equal" match="setting" />
869 <!-- access to systeminfo -->
870 <rule effect="permit">
871 <condition combine="or">
872 <resource-match attr="device-cap" func="equal" match="system.info" />
876 <!-- Belows will be removed -->
877 <!-- access to timeutil -->
878 <rule effect="permit">
879 <condition combine="or">
880 <resource-match attr="device-cap" func="equal" match="time" />
884 <rule effect="permit">
885 <condition combine="or">
886 <resource-match attr="device-cap" func="equal" match="log" />
890 <rule effect="permit">
891 <condition combine="or">
892 <resource-match attr="device-cap" func="equal" match="account.read" />
893 <resource-match attr="device-cap" func="equal" match="account.write" />
897 <rule effect="permit">
898 <condition combine="or">
899 <resource-match attr="device-cap" func="equal" match="contentmanager.write" />
903 <!-- access to external network -->
904 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
905 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
906 <rule effect="permit">
907 <condition combine="or">
908 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
909 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
913 <!-- access to external network on roaming status -->
914 <rule effect="permit">
915 <condition combine="and">
916 <condition combine="or">
917 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
918 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
920 <environment-match attr="roaming" match="true" />
924 <rule effect="deny" />