| <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" |
| "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> |
| <!-- |
| Copyright (c) 2012 The Chromium OS Authors. All rights reserved. |
| Use of this source code is governed by a BSD-style license that can be |
| found in the LICENSE file. |
| --> |
| <busconfig> |
| <policy user="root"> |
| <allow own="org.chromium.SessionManager" /> |
| <allow send_destination="org.chromium.SessionManager" /> |
| |
| <!-- Only root should be allowed to call InitMachineInfo. --> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="InitMachineInfo"/> |
| </policy> |
| |
| <policy user="arc-keymasterd"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="crosvm"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="authpolicyd"> |
| <!-- |
| To prevent the use of unsigned policy for persisting a browser exploit, |
| writing unsigned policy is restricted to the authpolicy daemon. |
| --> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StoreUnsignedPolicyEx"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="ListStoredComponentPolicies"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveSessionState"/> |
| </policy> |
| |
| <policy user="chronos"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="EmitLoginPromptVisible"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="EmitAshInitialized"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="SaveLoginPassword"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LoginScreenStorageStore"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LoginScreenStorageRetrieve"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LoginScreenStorageListKeys"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LoginScreenStorageDelete"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StartSession"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StopSession"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StopSessionWithReason"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LockScreen"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="HandleLockScreenShown"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="HandleLockScreenDismissed"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RestartJob"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StorePolicyEx"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePolicyEx"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveDeviceLocalAccountPolicy"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveSessionState"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveActiveSessions"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="IsGuestSessionActive"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StartDeviceWipe"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StartRemoteDeviceWipe"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="ClearForcedReEnrollmentVpd"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StartTPMFirmwareUpdate"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="SetFlagsForUser"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="GetServerBackedStateKeys"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="HandleSupervisedUserCreationStarting"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="HandleSupervisedUserCreationFinished"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StartArcMiniContainer"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="UpgradeArcContainer"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StopArcInstance"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="SetArcCpuRestriction"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="EmitArcBooted"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="GetArcStartTimeTicks"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="EnableAdbSideload"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="QueryAdbSideload"/> |
| </policy> |
| |
| <policy user="devbroker"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="QueryAdbSideload"/> |
| </policy> |
| |
| <policy user="crash"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveActiveSessions"/> |
| </policy> |
| |
| <policy user="vm_cicerone"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveActiveSessions"/> |
| </policy> |
| |
| <policy user="kerberosd"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="dlcservice"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="power"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="LockScreen"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveSessionState"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="StopSession"/> |
| </policy> |
| |
| <policy user="biod"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveActiveSessions"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="u2f"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| </policy> |
| |
| <policy user="cdm-oemcrypto"> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrievePrimarySession"/> |
| <allow send_destination="org.chromium.SessionManager" |
| send_interface="org.chromium.SessionManagerInterface" |
| send_member="RetrieveSessionState"/> |
| </policy> |
| </busconfig> |