</condition>
</rule>
+ <!-- access to package -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="packagemanager.install" />
+ <resource-match attr="device-cap" func="equal" match="package.info" />
+ </condition>
+ </rule>
+
<!-- access to bluetooth -->
<rule effect="permit">
<condition combine="or">
<resource-match attr="device-cap" func="equal" match="contentmanager.write" />
</condition>
</rule>
-
+
<!-- access to external network -->
<!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
<!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
<environment-match attr="roaming" match="true" />
</condition>
</rule>
- -->
+ -->
<rule effect="deny" />
<resource-match attr="device-cap" func="equal" match="contentmanager.write" />
</condition>
</rule>
-
+
<!-- access to external network -->
<!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
<!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
</condition>
</rule>
-->
-
+
<rule effect="deny" />
</policy>
sha-1 5A:C1:18:AC:6E:C7:EA:27:59:7D:5F:5A:1D:19:85:3D:A2:95:D5:18
</subject-match>
</subject>
- </target>
+ </target>
<rule effect="permit">
<condition combine="or">
<resource-match attr="device-cap" func="equal" match="contentmanager.write" />
</condition>
</rule>
-
+
<!-- access to external network -->
<!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
<!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
</condition>
</rule>
-->
-
+
<rule effect="deny" />
</policy>
<policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="permit-overrides">
<!-- Specific Untrusted Policy for Tizen -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="tizen" />
+ </condition>
+ </rule>
+
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="speech" />
+ </condition>
+ </rule>
+
+ <!-- access to application -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="application.launch" />
+ <resource-match attr="device-cap" func="equal" match="application.info" />
+ </condition>
+ </rule>
+
+ <!-- access to package -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="packagemanager.install" />
+ <resource-match attr="device-cap" func="equal" match="package.info" />
+ </condition>
+ </rule>
+
+ <!-- access to bluetooth -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
+ <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
+ <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
+ <resource-match attr="device-cap" func="equal" match="bluetooth.health" />
+ </condition>
+ </rule>
+
+ <!-- access to content -->
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="content.read" />
+ <resource-match attr="device-cap" func="equal" match="content.write" />
+ </condition>
+ </rule>
+
+ <!-- access to download feature -->
+
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="download" />
+ </condition>
+ </rule>
+
+ <rule effect="permit">
+ <condition combine="or">
+ <resource-match attr="device-cap" func="equal" match="filesystem.read" />
+ <resource-match attr="device-cap" func="equal" match="filesystem.write" />
+ </condition>
+ </rule>
<rule effect="deny" />
</policy>
projects / platform / framework / web / wrt-security.git / commitdiff