Add privilege check on dbus policy configuration (with some cleanups)

[Version] 5.0-61
[Profile] Common
[Issue Type] Privilege

Change-Id: I10830d84e38f7e7c34a7fd0d7783c7cc60d9bced

diff --git a/packaging/pulseaudio.spec b/packaging/pulseaudio.spec
index c1e1e77..adbfe6f 100644 (file)
--- a/packaging/pulseaudio.spec
+++ b/packaging/pulseaudio.spec
@@ -10,7 +10,7 @@
 Name:             pulseaudio
 Summary:          Improved Linux sound server
 Version:          5.0
-Release:          60
+Release:          61
 Group:            Multimedia/Audio
 License:          LGPL-2.1+
 URL:              http://pulseaudio.org

diff --git a/src/daemon/pulseaudio-system.conf b/src/daemon/pulseaudio-system.conf
index 57c94fb..4594529 100644 (file)
--- a/src/daemon/pulseaudio-system.conf
+++ b/src/daemon/pulseaudio-system.conf
@@ -1,57 +1,22 @@
-<?xml version="1.0"?><!--*-nxml-*-->
 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-
-<!--
-This file is part of PulseAudio.
-
-PulseAudio is free software; you can redistribute it and/or modify it
-under the terms of the GNU Lesser General Public License as
-published by the Free Software Foundation; either version 2.1 of the
-License, or (at your option) any later version.
-
-PulseAudio is distributed in the hope that it will be useful, but WITHOUT
-ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
-or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
-Public License for more details.
-
-You should have received a copy of the GNU Lesser General Public
-License along with PulseAudio; if not, write to the Free Software
-Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
-USA.
--->
-
 <busconfig>
-
   <!-- System-wide PulseAudio runs as 'pulse' user. This fragment is
        not necessary for user PulseAudio instances. -->
-  <!--
-  <policy user="pulse">
-    <allow own="org.pulseaudio.Server"/>
-  </policy>
-  -->
-  <policy user="default">
-    <allow own_prefix="org.pulseaudio.Server"/>
-    <allow send_destination="org.pulseaudio.Server"/>
-    <allow receive_sender="org.pulseaudio.Server"/>
-  </policy>
-
   <policy user="pulse">
     <allow own="org.pulseaudio.Server"/>
-    <allow send_destination="org.pulseaudio.Server"/>
-    <allow receive_sender="org.pulseaudio.Server"/>
+    <allow send_destination="org.freedesktop.DBus"/>
+    <allow send_destination="org.bluez"/>
+    <allow send_destination="org.bluez.ag_agent"/>
   </policy>
 
   <policy user="root">
-    <allow own_prefix="org.pulseaudio.Server"/>
+    <allow own="org.pulseaudio.Server"/>
     <allow send_destination="org.pulseaudio.Server"/>
-    <allow receive_sender="org.pulseaudio.Server"/>
   </policy>
 
   <policy context="default">
-    <allow own_prefix="org.pulseaudio.Server"/>
-    <allow send_destination="org.pulseaudio.Server"/>
-    <allow receive_sender="org.pulseaudio.Server"/>
+      <allow send_destination="org.pulseaudio.Server"/>
+      <check send_destination="org.pulseaudio.Server" send_interface="org.pulseaudio.StreamManager" send_member="SetVolumeLevel" privilege="http://tizen.org/privilege/volume.set" />
   </policy>
-
 </busconfig>