tests/ace/test-configuration/policy-example2.xml

   1  <policy-set id="Policy-1" combine="first-matching-target">
   2
   3     <policy>
   4           <target>
   5              <subject>
   6                  <subject-match attr="name" match="analogclock" />
   7              </subject>
   8          </target>
   9           <rule effect="permit">
  10              <condition>
  11                  <resource-match attr="resource-id">
  12                      device.simcard
  13                  </resource-match>
  14              </condition>
  15          </rule>
  16      </policy>
  17
  18      <policy>
  19          <target>
  20              <subject>
  21                  <subject-match attr="name" match="memo" />
  22              </subject>
  23          </target>
  24          <rule effect="deny">
  25              <condition>
  26                  <resource-match attr="resource-id">
  27                       file.write
  28                  </resource-match>
  29                  <subject-match attr="name" match="memo" />
  30              </condition>
  31          </rule>
  32      </policy>
  33
  34      <policy>
  35          <target>
  36              <subject>
  37                  <subject-match attr="name" match="phonesearch" />
  38              </subject>
  39          </target>
  40          <rule effect="prompt-oneshot">
  41              <condition>
  42                  <resource-match attr="resource-id">
  43                      pim.contact
  44                  </resource-match>
  45                  <subject-match attr="name" match="phonesearch" />
  46              </condition>
  47          </rule>
  48      </policy>
  49
  50  </policy-set>