1 <policy-set id="Tizen-Policy" combine="first-matching-target">
2 <policy id="Tizen-Policy-Trusted" description="Tizen's policy for trusted domain" combine="permit-overrides">
3 <!-- This is finger-print of certificate for TIZEN SDK (tizen.root.preproduction.cert.pem) -->
6 <subject-match attr="distributor-key-root-fingerprint" func="equal">
7 sha-1 AD:A1:44:89:6A:35:6D:17:01:E9:6F:46:C6:00:7B:78:BE:2E:D9:4E
12 <!-- access to NFC -->
13 <rule effect="permit">
14 <condition combine="or">
15 <resource-match attr="device-cap" func="equal" match="nfc.se" />
19 <rule effect="permit">
20 <condition combine="and">
21 <condition combine="or">
22 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
23 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
24 <resource-match attr="device-cap" func="equal" match="messaging.send" />
26 <environment-match attr="roaming" match="true" />
29 <rule effect="permit" />
32 <policy id="Tizen-Policy-Untrusted" description="Tizen's policy for untrusted domain" combine="deny-overrides">
33 <!-- Specific Untrusted Policy for Tizen -->
35 <rule effect="permit">
36 <condition combine="or">
37 <resource-match attr="device-cap" func="equal" match="tizen" />
41 <!-- access to alarm -->
42 <rule effect="permit">
43 <condition combine="or">
44 <resource-match attr="device-cap" func="equal" match="alarm" />
45 <resource-match attr="device-cap" func="equal" match="alarm.read" />
46 <resource-match attr="device-cap" func="equal" match="alarm.write" />
50 <!-- access to application -->
51 <rule effect="permit">
52 <condition combine="or">
53 <resource-match attr="device-cap" func="equal" match="application" />
54 <resource-match attr="device-cap" func="equal" match="application.kill" />
55 <resource-match attr="device-cap" func="equal" match="application.launch" />
56 <resource-match attr="device-cap" func="equal" match="application.read" />
57 <resource-match attr="device-cap" func="equal" match="application.manager" />
58 <resource-match attr="device-cap" func="equal" match="application.service" />
62 <!-- access to bluetooth -->
63 <rule effect="permit">
64 <condition combine="or">
65 <resource-match attr="device-cap" func="equal" match="bluetooth" />
66 <resource-match attr="device-cap" func="equal" match="bluetooth.admin" />
67 <resource-match attr="device-cap" func="equal" match="bluetooth.gap" />
68 <resource-match attr="device-cap" func="equal" match="bluetooth.spp" />
72 <!-- access to calendar -->
73 <rule effect="permit">
74 <condition combine="or">
75 <resource-match attr="device-cap" func="equal" match="calendar" />
76 <resource-match attr="device-cap" func="equal" match="calendar.read" />
77 <resource-match attr="device-cap" func="equal" match="calendar.write" />
81 <!-- access to call history -->
82 <rule effect="permit">
83 <condition combine="or">
84 <resource-match attr="device-cap" func="equal" match="call" />
85 <resource-match attr="device-cap" func="equal" match="call.history" />
86 <resource-match attr="device-cap" func="equal" match="call.history.read" />
87 <resource-match attr="device-cap" func="equal" match="call.history.write" />
88 <resource-match attr="device-cap" func="equal" match="call.state" />
92 <!-- access to contact -->
93 <rule effect="permit">
94 <condition combine="or">
95 <resource-match attr="device-cap" func="equal" match="contact" />
96 <resource-match attr="device-cap" func="equal" match="contact.read" />
97 <resource-match attr="device-cap" func="equal" match="contact.write" />
101 <!-- access to filesystem -->
102 <rule effect="permit">
103 <condition combine="or">
104 <resource-match attr="device-cap" func="equal" match="filesystem" />
105 <resource-match attr="device-cap" func="equal" match="filesystem.read" />
106 <resource-match attr="device-cap" func="equal" match="filesystem.write" />
110 <!-- access to geo coder -->
111 <rule effect="permit">
112 <condition combine="or">
113 <resource-match attr="device-cap" func="equal" match="geocoder" />
117 <!-- access to mediacontent -->
118 <rule effect="permit">
119 <condition combine="or">
120 <resource-match attr="device-cap" func="equal" match="mediacontent" />
121 <resource-match attr="device-cap" func="equal" match="mediacontent.read" />
125 <!-- access to Messaging -->
126 <rule effect="permit">
127 <condition combine="or">
128 <resource-match attr="device-cap" func="equal" match="messaging" />
129 <resource-match attr="device-cap" func="equal" match="messaging.read" />
130 <resource-match attr="device-cap" func="equal" match="messaging.write" />
131 <resource-match attr="device-cap" func="equal" match="messaging.send" />
135 <!-- access to message send on roaming status -->
137 <condition combine="and">
138 <resource-match attr="device-cap" func="equal" match="messaging.send" />
139 <environment-match attr="roaming" match="true" />
143 <!-- access to NFC -->
144 <rule effect="permit">
145 <condition combine="or">
146 <resource-match attr="device-cap" func="equal" match="nfc" />
147 <resource-match attr="device-cap" func="equal" match="nfc.tag" />
148 <resource-match attr="device-cap" func="equal" match="nfs.p2p" />
149 <resource-match attr="device-cap" func="equal" match="nfc.se" />
153 <!-- access to Sensors -->
154 <rule effect="permit">
155 <condition combine="or">
156 <resource-match attr="device-cap" func="equal" match="sensors" />
160 <!-- access to systeminfo -->
161 <rule effect="permit">
162 <condition combine="or">
163 <resource-match attr="device-cap" func="equal" match="systeminfo" />
167 <!-- access to timeutil -->
168 <rule effect="permit">
169 <condition combine="or">
170 <resource-match attr="device-cap" func="equal" match="time" />
171 <resource-match attr="device-cap" func="equal" match="time.read" />
172 <resource-match attr="device-cap" func="equal" match="time.write" />
176 <!-- access to lbs -->
177 <rule effect="permit">
178 <condition combine="or">
179 <resource-match attr="device-cap" func="equal" match="lbs" />
183 <!-- access to map -->
184 <rule effect="permit">
185 <condition combine="or">
186 <resource-match attr="device-cap" func="equal" match="map" />
190 <!-- access to poi -->
191 <rule effect="permit">
192 <condition combine="or">
193 <resource-match attr="device-cap" func="equal" match="poi" />
194 <resource-match attr="device-cap" func="equal" match="poi.read" />
195 <resource-match attr="device-cap" func="equal" match="poi.write" />
199 <!-- access to route -->
200 <rule effect="permit">
201 <condition combine="or">
202 <resource-match attr="device-cap" func="equal" match="route" />
206 <!-- access to external network -->
207 <!-- XMLHttpRequestTizen and externalNetworkAccessTizen defined for Tizen Webapp -->
208 <!-- Function of two capabilities are same to XMLHttpRequest and externalNetworkAccess of WAC -->
209 <rule effect="permit">
210 <condition combine="or">
211 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
212 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
216 <!-- access to external network on roaming status -->
217 <rule effect="permit">
218 <condition combine="and">
219 <condition combine="or">
220 <resource-match attr="device-cap" func="equal" match="XMLHttpRequest" />
221 <resource-match attr="device-cap" func="equal" match="externalNetworkAccess" />
223 <environment-match attr="roaming" match="true" />
227 <!-- access to orientation feature -->
228 <rule effect="permit">
229 <condition combine="or">
230 <resource-match attr="device-cap" func="equal" match="orientation" />