| The Android Open Source Project | 4f6e8d7 | 2008-10-21 07:00:00 -0700 | [diff] [blame^] | 1 | <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-Bus Bus Configuration 1.0//EN" |
| 2 | "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> |
| 3 | <busconfig> |
| 4 | |
| 5 | <!-- Our well-known bus type, do not change this --> |
| 6 | <type>system</type> |
| 7 | |
| 8 | <!-- Fork into daemon mode --> |
| 9 | <fork/> |
| 10 | |
| 11 | <!-- Only allow socket-credentials-based authentication --> |
| 12 | <auth>EXTERNAL</auth> |
| 13 | |
| 14 | <!-- Only listen on a local socket. (abstract=/path/to/socket |
| 15 | means use abstract namespace, don't really create filesystem |
| 16 | file; only Linux supports this. Use path=/whatever on other |
| 17 | systems.) --> |
| 18 | <listen>unix:path=/dev/socket/dbus</listen> |
| 19 | |
| 20 | <policy context="default"> |
| 21 | <!-- Deny everything then punch holes --> |
| 22 | <deny send_interface="*"/> |
| 23 | <deny receive_interface="*"/> |
| 24 | <deny own="*"/> |
| 25 | <!-- But allow all users to connect --> |
| 26 | <allow user="*"/> |
| 27 | <!-- Allow anyone to talk to the message bus --> |
| 28 | <!-- FIXME I think currently these allow rules are always implicit |
| 29 | even if they aren't in here --> |
| 30 | <allow send_destination="org.freedesktop.DBus"/> |
| 31 | <allow receive_sender="org.freedesktop.DBus"/> |
| 32 | <!-- valid replies are always allowed --> |
| 33 | <allow send_requested_reply="true"/> |
| 34 | <allow receive_requested_reply="true"/> |
| 35 | </policy> |
| 36 | |
| 37 | |
| 38 | <!-- Now punch holes for bluetooth --> |
| 39 | |
| 40 | <policy context="default"> |
| 41 | <allow own="*"/> |
| 42 | <allow user="*"/> |
| 43 | <allow send_destination="org.bluez.PasskeyAgent"/> |
| 44 | <allow receive_sender="org.bluez.PasskeyAgent"/> |
| 45 | <allow send_path="/org/bluez/PasskeyAgent"/> |
| 46 | </policy> |
| 47 | |
| 48 | <policy user="root"> |
| 49 | <allow own="org.bluez"/> |
| 50 | </policy> |
| 51 | |
| 52 | <policy at_console="true"> |
| 53 | <allow send_destination="org.bluez.Adapter"/> |
| 54 | <allow receive_sender="org.bluez.Adapter"/> |
| 55 | |
| 56 | <allow send_path="/org/bluez/Adapter"/> |
| 57 | |
| 58 | <allow send_destination="org.bluez.Manager"/> |
| 59 | <allow receive_sender="org.bluez.Manager"/> |
| 60 | |
| 61 | <allow send_path="/org/bluez/Manager"/> |
| 62 | |
| 63 | <allow send_destination="org.bluez.Security"/> |
| 64 | <allow receive_sender="org.bluez.Security"/> |
| 65 | </policy> |
| 66 | |
| 67 | </busconfig> |