Apply default deny and add rules to dbus policy

author Hyotaek Shim <hyotaek.shim@samsung.com>

Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)

committer Hyotaek Shim <hyotaek.shim@samsung.com>

Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)
author Hyotaek Shim <hyotaek.shim@samsung.com>
Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)
committer Hyotaek Shim <hyotaek.shim@samsung.com>
Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)
diff --git a/sessiond/org.tizen.sessiond.conf b/sessiond/org.tizen.sessiond.conf

index 879011842a6d3a92785593d70273f88c3a9ec5b4..35dce3d1c47e08abe277e6aad1ab7bdadae929f1 100644 (file)
--- a/sessiond/org.tizen.sessiond.conf
+++ b/sessiond/org.tizen.sessiond.conf
@@ -1,12 +1,22 @@
  <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
   "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
  <busconfig>
-    <policy user="root">
-        <allow own="org.tizen.sessiond"/>
+       <policy user="root">
+               <allow own="org.tizen.sessiond"/>
                 <allow send_destination="org.tizen.sessiond"/>
-    </policy>
-
-    <policy context="default">
-        <deny own="org.tizen.sessiond"/>
+       </policy>
+       <policy user="system_fw">
+               <allow send_destination="org.tizen.sessiond"/>
+       </policy>
+       <policy user="app_fw">
+               <allow send_destination="org.tizen.sessiond"/>
+       </policy>
+       <policy group="users">
+               <check send_destination="org.tizen.sessiond"
+               privilege="http://tizen.org/privilege/internal/usermanagement"/>
+       </policy>
+       <policy context="default">
+               <deny own="org.tizen.sessiond"/>
+               <deny send_destination="org.tizen.sessiond"/>
      </policy>
  </busconfig>
author	Hyotaek Shim <hyotaek.shim@samsung.com>
	Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)
committer	Hyotaek Shim <hyotaek.shim@samsung.com>
	Mon, 18 Apr 2022 02:06:09 +0000 (11:06 +0900)