scripts: Apply dbus security policy using xml-based conf file

Until now, there is no specific dbus security policy in PASS. Therefore,
any processes which do not have the root or special privileges can send
dbus messages to the pass daemon. This could be a serious security hole.
In order to solve such problem, this patch applies a dbus security
policy by using the pass.conf file, which is formed in XML format.

From now, without the root privileges, it is not allowed to send dbus
messages to the pass daemon. Only dbus messages sent from the processes
whose user ids are *app_fw* to the pmqos interface can be received by
the pass daemon.

Change-Id: I583eb3a097e1181e9b02b896bd97d54771c63f9c
Signed-off-by: Wook Song <wook16.song@samsung.com>

diff --git a/scripts/pass.conf b/scripts/pass.conf
index b155179f470bd4780cc552e1c4b7d14ebe418c80..9c63d7ba7dca9f3408b173425c066a3845342a9e 100644 (file)
--- a/scripts/pass.conf
+++ b/scripts/pass.conf
@@ -5,4 +5,14 @@
         <allow own="org.tizen.system.pass"/>
         <allow send_destination="org.tizen.system.pass"/>
     </policy>
+    <policy user="app_fw">
+        <allow send_destination="org.tizen.system.pass"
+               send_interface="org.tizen.system.pass.pmqos"/>
+    </policy>
+    <policy context="default">
+        <deny send_destination="org.tizen.system.pass"
+               send_interface="org.tizen.system.pass.pmqos"/>
+        <deny send_destination="org.tizen.system.pass"
+               send_interface="org.tizen.system.pass.core"/>
+    </policy>
 </busconfig>