dbus: modify dbus policy correctly

author sanghyeok.oh <sanghyeok.oh@samsung.com>

Mon, 5 Mar 2018 13:23:51 +0000 (22:23 +0900)

committer pr.jung <pr.jung@samsung.com>

Wed, 7 Mar 2018 06:26:11 +0000 (15:26 +0900)
author sanghyeok.oh <sanghyeok.oh@samsung.com>
Mon, 5 Mar 2018 13:23:51 +0000 (22:23 +0900)
committer pr.jung <pr.jung@samsung.com>
Wed, 7 Mar 2018 06:26:11 +0000 (15:26 +0900)
diff --git a/apps/extended-sd/org.tizen.extended-sd.xml b/apps/extended-sd/org.tizen.extended-sd.xml

index 7b4b24f..2ddf588 100755 (executable)
--- a/apps/extended-sd/org.tizen.extended-sd.xml
+++ b/apps/extended-sd/org.tizen.extended-sd.xml
@@ -5,6 +5,7 @@
      <privileges>
          <privilege>http://tizen.org/privilege/appmanager.launch</privilege>
          <privilege>http://tizen.org/privilege/display</privilege>
+        <privilege>http://tizen.org/privilege/externalstorage</privilege>
      </privileges>
      <ui-application appid="org.tizen.extended-sd" exec="/usr/apps/org.tizen.extended-sd/bin/extended-sd" nodisplay="false" multiple="false" type="capp" taskmanage="true" launch_mode="single">
          <label>extended-sd</label>
diff --git a/scripts/storaged.conf b/scripts/storaged.conf

old mode 100644 (file)

new mode 100755 (executable)

index ecd3199..8657f26
--- a/scripts/storaged.conf
+++ b/scripts/storaged.conf
@@ -1,23 +1,60 @@
  <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
   "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
+
  <busconfig>
      <policy user="root">
          <allow own="org.tizen.system.storage"/>
          <allow send_destination="org.tizen.system.storage"/>
      </policy>
  
-    <policy context="default">
-        <allow send_destination="org.tizen.system.storage"/>
+    <policy user="security_fw">
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetControl"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="Control"/>
+    </policy>
  
-        <deny send_destination="org.tizen.system.storage"
-                send_interface="org.tizen.system.storage.storage"/>
+    <policy context="default">
+        <deny send_destination="org.tizen.system.storage"/>
+        <allow send_destination="org.tizen.system.storage" send_type="signal"/>
  
          <check send_destination="org.tizen.system.storage"
-                send_interface="org.tizen.system.storage.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
                  privilege="http://tizen.org/privilege/externalstorage"/>
-        <check send_destination="org.tizen.system.storage"
-                send_interface="org.tizen.system.storage.storage"
-                privilege="http://tizen.org/privilege/mediastorage"/>
  
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Storage"
+                send_member="GetStatus"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Storage"
+                send_member="getstorage"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Storage"
+                send_member="GetStatvfs"/>
+
+        <deny send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetControl"/>
+        <deny send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="Control"/>
+
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="ShowDeviceList"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetDeviceList"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetDeviceList2"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetDeviceInfo"/>
+        <allow send_destination="org.tizen.system.storage"
+                send_path="/Org/Tizen/System/Storage/Block/Manager"
+                send_member="GetMmcPrimary"/>
      </policy>
  </busconfig>
author	sanghyeok.oh <sanghyeok.oh@samsung.com>
	Mon, 5 Mar 2018 13:23:51 +0000 (22:23 +0900)
committer	pr.jung <pr.jung@samsung.com>
	Wed, 7 Mar 2018 06:26:11 +0000 (15:26 +0900)
apps/extended-sd/org.tizen.extended-sd.xml		patch \| blob \| history
scripts/storaged.conf	[changed mode: 0644->0755]	patch \| blob \| history