From a4eb932554391653cf7d4b8f7b55b2725a5c29cd Mon Sep 17 00:00:00 2001 From: Adrian Szyndela Date: Thu, 25 Jul 2019 10:01:33 +0200 Subject: [PATCH] policychecker: allow 'destination without interface' rules It seems that the checking rules that require all the policy rules with send_type="method_call" to have specified send_interface are too strong. This relaxes the checking rules a bit by allowing rules that: - are in the "default" or "mandatory" contexts; - have 'send_type' or 'receive_type set' to "method_call"; - have specified 'send_destination' or 'receive_sender'. That is, we don't require "send_interface" or "receive interface" anymore for such rules. Change-Id: Iefa9bb5a5e23319c7549fa597ab00b5c88600585 --- policychecker/rules.xsl | 2 -- 1 file changed, 2 deletions(-) diff --git a/policychecker/rules.xsl b/policychecker/rules.xsl index 8d0bbe7..0d13fb9 100644 --- a/policychecker/rules.xsl +++ b/policychecker/rules.xsl @@ -70,14 +70,12 @@ Unconstrained allows are not allowed in context default and context mandatory: missing send_destination or send_destination_prefix, but send_type="method_call" is present. - Unconstrained allows are not allowed in context default and context mandatory: missing send_interface, but send_type="method_call" is present. Unconstrained allows are not allowed in context default and context mandatory: missing send_destination or send_destination_prefix for non-signal, but send_path is present. Unconstrained allows are not allowed in context default and context mandatory: missing receive_sender, but receive_type="method_call" is present. - Unconstrained allows are not allowed in context default and context mandatory: missing receive_interface, but receive_type="method_call" is present. Unconstrained allows are not allowed in context default and context mandatory: missing receive_sender, but receive_path is present. -- 2.34.1