<allow send_destination="org.tizen.system.diagnostics"
send_interface="org.tizen.system.diagnostics"
send_member="get_file"/>
- </policy>
- <policy user="root">
- <allow own="org.tizen.system.crash.livedump"/>
+
<allow send_destination="org.tizen.system.crash.livedump"
send_interface="org.tizen.system.crash.livedump"
send_member="livedump_pid"/>
</policy>
<policy user="crash_worker">
+ <allow own="org.tizen.system.crash.livedump"/>
+
<allow own="org.tizen.system.diagnostics"/>
<allow send_destination="org.tizen.system.diagnostics"
send_interface="org.tizen.system.diagnostics"
send_member="get_file"/>
</policy>
- <policy user="crash_worker">
- <allow own="org.tizen.system.crash.livedump"/>
- <allow send_destination="org.tizen.system.crash.livedump"
- send_interface="org.tizen.system.crash.livedump"
- send_member="livedump_pid"/>
- </policy>
- <policy user="stability_monitor">
+ <policy group="priv_livecoredump">
+ <!-- following section also permits applications with
+ "http://tizen.org/privilege/internal/livecoredump"
+ privilege, due to privilege -> gid mapping being used -->
<allow send_destination="org.tizen.system.crash.livedump"
send_interface="org.tizen.system.crash.livedump"
send_member="livedump_pid"/>
</policy>
<policy context="default">
<deny own="org.tizen.system.crash.livedump"/>
+ <deny send_destination="org.tizen.system.crash.livedump"/>
+
<deny own="org.tizen.system.diagnostics"/>
<deny send_destination="org.tizen.system.diagnostics"/>
- <deny send_destination="org.tizen.system.crash.livedump"/>
- <check privilege="http://tizen.org/privilege/internal/livecoredump"
- send_destination="org.tizen.system.crash.livedump"
- send_interface="org.tizen.system.crash.livedump"
- send_member="livedump_pid"/>
<check send_destination="org.tizen.system.diagnostics"
send_interface="org.tizen.system.diagnostics"
send_member="get_file"