Modify dbus policy conf file

Add deny policy to resolve policychecker warning

Change-Id: I3c2e1e7c61fcb953536f8fdf2bc52c928b262ce0

diff --git a/bt-core/bluetooth-frwk-core.conf b/bt-core/bluetooth-frwk-core.conf
index 815a54a..665f75c 100755 (executable)
--- a/bt-core/bluetooth-frwk-core.conf
+++ b/bt-core/bluetooth-frwk-core.conf
@@ -3,12 +3,23 @@
 <busconfig>
     <policy user="root">
         <allow own="org.projectx.bt_core"/>
-    </policy>
-    <policy at_console="true">
-        <allow send_destination="org.projectx.bt_core" />
+        <allow receive_sender="org.projectx.bt_core"/>
+        <allow send_destination="org.projectx.bt_core"/>
     </policy>
     <policy context="default">
-        <allow send_destination="org.projectx.bt_core" />
+        <deny own="org.projectx.bt_core"/>
+        <deny receive_sender="org.projectx.bt_core"/>
+        <deny send_destination="org.projectx.bt_core"/>
+    </policy>
+    <policy group="network_fw">
+        <allow own="org.projectx.bt_core"/>
+        <allow receive_sender="org.projectx.bt_core"/>
+        <allow send_destination="org.projectx.bt_core"/>
+    </policy>
+    <policy group="system_fw">
+        <allow own="org.projectx.bt_core"/>
+        <allow receive_sender="org.projectx.bt_core"/>
+        <allow send_destination="org.projectx.bt_core"/>
     </policy>
 </busconfig>
 

diff --git a/bt-service/bluetooth-frwk-service.conf.in b/bt-service/bluetooth-frwk-service.conf.in
index 8fc61f5..34586e9 100644 (file)
--- a/bt-service/bluetooth-frwk-service.conf.in
+++ b/bt-service/bluetooth-frwk-service.conf.in
@@ -1,25 +1,30 @@
 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
  "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
-    <policy group="system">
+    <policy user="root">
         <allow own="org.projectx.bt"/>
-        <allow own="org.projectx.bt_event"/>
-        <allow own="org.projectx.bluetooth.share"/>
-        <allow own="org.bluez.ag_agent"/>
-        <allow own="org.tizen.csd.Call.Instance"/>
+        <allow send_destination="org.projectx.bt"/>
+        <allow own="org.bluez.obex"/>
+        <allow send_destination="org.bluez.obex"/>
     </policy>
-    <policy group="root">
+    <policy group="network_fw">
         <allow own="org.projectx.bt"/>
-        <allow own="org.projectx.bt_event"/>
-        <allow own="org.projectx.bluetooth.share"/>
-        <allow own="org.bluez.ag_agent"/>
-        <allow own="org.tizen.csd.Call.Instance"/>
-    </policy>
-    <policy at_console="true">
         <allow send_destination="org.projectx.bt"/>
+        <allow own="org.bluez.obex"/>
+        <allow send_destination="org.bluez.obex"/>
+        <allow own="org.projectx.bluetooth.share"/>
+        <allow send_destination="org.projectx.bluetooth.share"/>
     </policy>
     <policy context="default">
-        <allow send_destination="org.projectx.bt"/>
+        <deny own="org.projectx.bt"/>
+        <deny send_destination="org.projectx.bt"/>
+        <deny own="org.bluez.obex"/>
+        <deny send_destination="org.bluez.obex"/>
+        <allow send_destination="org.projectx.bt" send_interface="org.projectx.bt"/>
+        <allow send_destination="org.projectx.bt" send_interface="org.freedesktop.DBus.Properties" send_member="GetAll"/>
+        <check send_destination="org.projectx.bt" send_interface="org.bluez.Agent1" privilege="http://tizen.org/privilege/bluetooth.admin"/>
+        <allow send_destination="org.projectx.bt" send_interface="org.bluez.obex.reply"/>
+        <deny own="org.projectx.bluetooth.share"/>
+        <deny send_destination="org.projectx.bluetooth.share"/>
     </policy>
 </busconfig>
-