This commit partially reverts commit
f24c53fb20 ("crash-service:
Restrict allow livedump API via privilege")
As discussed with SRPOL Security, the 'group membership' of given
process does not map directly to process 'having privilege', as
verified by Cynara/security-manager. For now the checking has to
be done per-user for system services and via-privilege for apps.
Change-Id: I2a7b76174adb22be8ffe55e41678b48938d90bbb
send_interface="org.tizen.system.crash.livedump"
send_member="livedump_pid"/>
</policy>
+ <policy user="stability_monitor">
+ <allow send_destination="org.tizen.system.crash.livedump"
+ send_interface="org.tizen.system.crash.livedump"
+ send_member="livedump_pid"/>
+ </policy>
<policy context="default">
<deny own="org.tizen.system.crash.livedump"/>
<check privilege="http://tizen.org/privilege/internal/livecoredump"