diff options
author | Hyotaek Shim <hyotaek.shim@samsung.com> | 2019-01-18 10:42:16 +0900 |
---|---|---|
committer | Hyotaek Shim <hyotaek.shim@samsung.com> | 2019-01-18 10:42:21 +0900 |
commit | 2a27051551777c3e370d898c086c0707fda9e353 (patch) | |
tree | fa359c945449a409a0865597ddcd007170686edd | |
parent | d4574fda97d6c31addc73ef19a86edc34bb4f782 (diff) | |
parent | a791590b5fa2452c66508f301bb8452aff79fe58 (diff) | |
download | libdbuspolicy-2a27051551777c3e370d898c086c0707fda9e353.tar.gz libdbuspolicy-2a27051551777c3e370d898c086c0707fda9e353.tar.bz2 libdbuspolicy-2a27051551777c3e370d898c086c0707fda9e353.zip |
Merge branch 'tizen' into tizen_5.0submit/tizen_5.0/20190118.024626submit/tizen_5.0/20190118.014615accepted/tizen/5.0/unified/20190123.074210
Change-Id: Ie2966e7af8be301a746bd1ee5d9fc0f753d42016
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
-rw-r--r-- | Makefile.am | 5 | ||||
-rwxr-xr-x | src/libdbuspolicy1.c | 1 | ||||
-rw-r--r-- | src/test-libdbuspolicy1-send_destination_prefix-deny.cpp | 164 | ||||
-rwxr-xr-x | src/test_runner.c | 28 | ||||
-rw-r--r-- | src/test_runner.h | 2 | ||||
-rw-r--r-- | tests/default_deny/system.d/send_destination_prefix.test.conf | 99 |
6 files changed, 285 insertions, 14 deletions
diff --git a/Makefile.am b/Makefile.am index e7b63a1..35c5d37 100644 --- a/Makefile.am +++ b/Makefile.am @@ -83,7 +83,8 @@ TESTS = src/test-libdbuspolicy1-ownership \ src/test-libdbuspolicy1-ownership-deny \ src/test-libdbuspolicy1-signal \ src/test-libdbuspolicy1-method \ - src/test-libdbuspolicy1-access-deny + src/test-libdbuspolicy1-access-deny \ + src/test-libdbuspolicy1-send_destination_prefix-deny check_PROGRAMS = $(TESTS) @@ -92,6 +93,7 @@ src_test_libdbuspolicy1_ownership_deny_SOURCES = src/test-libdbuspolicy1-ownersh src_test_libdbuspolicy1_signal_SOURCES = src/test-libdbuspolicy1-signal.cpp src_test_libdbuspolicy1_method_SOURCES = src/test-libdbuspolicy1-method.cpp src_test_libdbuspolicy1_access_deny_SOURCES = src/test-libdbuspolicy1-access-deny.cpp +src_test_libdbuspolicy1_send_destination_prefix_deny_SOURCES = src/test-libdbuspolicy1-send_destination_prefix-deny.cpp noinst_LTLIBRARIES = src/libinternal.a src_libinternal_a_SOURCES =\ @@ -109,6 +111,7 @@ src_test_libdbuspolicy1_ownership_deny_LDADD = $(TESTS_LDADD) src_test_libdbuspolicy1_signal_LDADD = $(TESTS_LDADD) src_test_libdbuspolicy1_method_LDADD = $(TESTS_LDADD) src_test_libdbuspolicy1_access_deny_LDADD = $(TESTS_LDADD) +src_test_libdbuspolicy1_send_destination_prefix_deny_LDADD = $(TESTS_LDADD) if ENABLE_STANDALONE_TESTS noinst_LTLIBRARIES += src/libinternalfortests.a diff --git a/src/libdbuspolicy1.c b/src/libdbuspolicy1.c index 4dbef29..3d26e84 100755 --- a/src/libdbuspolicy1.c +++ b/src/libdbuspolicy1.c @@ -157,6 +157,7 @@ static bool dbuspolicy_init_once(void) if (r < 0 || r >= (long int)sizeof(g_udesc.label)) /* read */ return true; + buf[r] = 0; g_udesc.uid = getuid(); g_udesc.gid = getgid(); diff --git a/src/test-libdbuspolicy1-send_destination_prefix-deny.cpp b/src/test-libdbuspolicy1-send_destination_prefix-deny.cpp new file mode 100644 index 0000000..c2d5a45 --- /dev/null +++ b/src/test-libdbuspolicy1-send_destination_prefix-deny.cpp @@ -0,0 +1,164 @@ +#include <string> +#include <dbuspolicy1/libdbuspolicy1.h> +#include "internal/internal.h" +#include "internal/policy.hpp" +#include "libdbuspolicy1-private.h" + +struct Test { + bool expected_result; + uid_t user; + gid_t group; + const char *label; + const char *destination; + const char *path; + const char *interface; + const char *member; + ldp_xml_parser::MessageType type; +}; + +const int ROOT = 0; + +#define TC(expected_result, names) \ + {(expected_result), ROOT, ROOT, "User::Shell", (names), "/", "a.b", "d", ldp_xml_parser::MessageType::METHOD_CALL} + +/** + * This test set tests ability to parse xml db + * and check sending privilege in use cases + * checking send_destination_prefix + */ +struct Test tests[]={ + /* straight-forward tests - base allow */ + TC(true, "org.tizen.test.dest_prefix.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.f.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.apf"), + TC(false, "org.tizen.test.dest_prefix.apf.f.f.f.f"), + /* multiple names owned */ + TC(true, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.f"), + TC(true, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.ao"), + TC(false, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ap.f"), + TC(false, "org.tizen.test.dest_prefix.ap.f org.tizen.test.dest_prefix.do"), + /* target holes in default allow */ + TC(false, "org.tizen.test.dest_prefix.ap.1.d"), + TC(false, "org.tizen.test.dest_prefix.ap.1.dp"), + TC(false, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ao"), + TC(false, "org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f org.tizen.test.dest_prefix.ap"), + TC(false, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.ap org.tizen.test.dest_prefix.ap.1.dp.f.f.f.f"), + /* target holes in holes in default allow */ + TC(true, "org.tizen.test.dest_prefix.ap.1.d.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.1.d.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.1.dp.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.1.dp.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.1.dp.a"), + /* check redefinitions in default allow */ + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.dp"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.d"), + TC(true, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.a"), + TC(true, "org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.a"), + TC(true, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap.f.f.f"), + /* totally cancelling previous definitions in default allow */ + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.a"), + /* straight-forward tests - base deny */ + TC(false, "org.tizen.test.dest_prefix.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.f.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dpf"), + TC(false, "org.tizen.test.dest_prefix.dpf.f.f.f.f"), + /* multiple names owned */ + TC(false, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.f"), + TC(false, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.do"), + TC(false, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.dp.f"), + TC(false, "org.tizen.test.dest_prefix.dp.f org.tizen.test.dest_prefix.ao"), + /* target holes in default deny */ + TC(true, "org.tizen.test.dest_prefix.dp.1.a"), + TC(true, "org.tizen.test.dest_prefix.dp.1.ap"), + TC(true, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.do"), + TC(true, "org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f org.tizen.test.dest_prefix.dp"), + TC(true, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.dp org.tizen.test.dest_prefix.dp.1.ap.f.f.f.f"), + /* target holes in holes in default demy */ + TC(false, "org.tizen.test.dest_prefix.dp.1.a.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.1.a.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.1.ap.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.1.ap.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.1.ap.d"), + /* check redefinitions in default deny */ + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.ap"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.f.f.f"), + TC(true, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.a"), + TC(false, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.d"), + TC(false, "org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.d"), + TC(false, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp.f.f.f"), + /* totally cancelling previous definitions in default deny */ + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp.f.f.f.f"), + TC(false, "org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.d"), + /* checking order in multiple names case */ + TC(false, "org.tizen.test.dest_prefix.ao org.tizen.test.dest_prefix.do"), + TC(true, "org.tizen.test.dest_prefix.ao.ao org.tizen.test.dest_prefix.do"), + TC(false, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao"), + TC(true, "org.tizen.test.dest_prefix.do org.tizen.test.dest_prefix.ao.ao"), +}; + +void test_print(struct Test* t, bool result) { + printf("uid = %lu, gid = %lu, label = %s, destination = %s, expected = %d, result = %d", + (unsigned long)t->user, (unsigned long)t->group, t->label, t->destination, (int)t->expected_result, (int)result); +} + +bool test() +{ + unsigned i = 0; + bool flag = true; + bool ret = true; + + __internal_init(false, "tests/default_deny/system.conf"); + + for (i = 0; i < sizeof(tests)/sizeof(struct Test); i++) { + ret = __internal_can_send(SYSTEM_BUS, tests[i].user, + tests[i].group, tests[i].label, tests[i].destination, + tests[i].path, tests[i].interface, tests[i].member, + (int)tests[i].type); + + if (tests[i].expected_result != ret) { + printf("[ERROR][%d] test failed: %d %d ", i, (int)((tests[i].expected_result)), ret); + test_print(&tests[i], ret); + printf("\n"); + flag = false; + } + } + return flag; +} + +int main() +{ + __internal_init_once(); + if (!test()) + return -1; + return 0; +} diff --git a/src/test_runner.c b/src/test_runner.c index 5c9cc42..9e9dbe0 100755 --- a/src/test_runner.c +++ b/src/test_runner.c @@ -338,7 +338,7 @@ void parse_test_state(const struct binary* b, const char* test_name, char* buffe { int k = 0; buffer[state_option] = 0; - get_test_id(test_id, b, test_name); + get_test_id(test_id, sizeof test_id, b, test_name); fprintf(stderr, "[stdout][%s]%s\n", test_id, buffer); while ((k = sm_update(buffer, k))) { const char* t_name = sm_get_result(0); @@ -346,7 +346,7 @@ void parse_test_state(const struct binary* b, const char* test_name, char* buffe bool is_successful = result_code[0] == '1' && result_code[1] == 0; const char* result_text = is_successful ? "PASS" : "FAIL"; - get_test_id(test_id, b, t_name); + get_test_id(test_id, sizeof test_id, b, t_name); add_test_result(test_id, result_text, "", is_successful); sm_reset(); } @@ -354,18 +354,18 @@ void parse_test_state(const struct binary* b, const char* test_name, char* buffe break; case NEW_STDERR: buffer[state_option] = 0; - get_test_id(test_id, b, test_name); + get_test_id(test_id, sizeof test_id, b, test_name); fprintf(stderr, "[stderr][%s]%s\n", test_id, buffer); break; case RESULT_CODE: if (state_option != 0) - add_test_result(get_test_id(test_id, b, test_name), "FAIL", "Test exited with error code", 0); + add_test_result(get_test_id(test_id, sizeof test_id, b, test_name), "FAIL", "Test exited with error code", 0); break; case RESULT_SIGNAL: - add_test_result(get_test_id(test_id, b, test_name), "FAIL", "Finished by SIGNAL", 0); + add_test_result(get_test_id(test_id, sizeof test_id, b, test_name), "FAIL", "Finished by SIGNAL", 0); break; case RESULT_TIMEOUT: - add_test_result(get_test_id(test_id, b, test_name), "FAIL", "Test TIMEOUT", 0); + add_test_result(get_test_id(test_id, sizeof test_id, b, test_name), "FAIL", "Test TIMEOUT", 0); break; } } @@ -388,11 +388,15 @@ static int test_results_i; static char buffer[MAX_BUFFER]; static const char* requested_tc[MAX_TC_NUM]; -char* get_test_id(char* dest, const struct binary* b, const char* test_name) +char* get_test_id(char *dest, size_t dest_len, const struct binary* b, const char* test_name) { - int len = strlen(b->name); - memcpy(dest, b->name, len); - memcpy(dest + len, test_name, strlen(test_name)+1); + const size_t name_len = strlen(b->name); + const size_t test_len = strlen(test_name); + + assert(name_len + test_len < dest_len); + + memcpy(dest, b->name, name_len); + memcpy(dest + name_len, test_name, test_len + 1); return dest; } @@ -592,7 +596,7 @@ static void run_test(const struct binary* b, const char* test_name) if (b->init) if (!b->init()) { - add_test_result(get_test_id(test_id, b, test_name), "ERROR", "Internal error: Cannot init test", 0); + add_test_result(get_test_id(test_id, sizeof test_id, b, test_name), "ERROR", "Internal error: Cannot init test", 0); return; } @@ -600,7 +604,7 @@ static void run_test(const struct binary* b, const char* test_name) if (res > 0) parse_output_with_timeout(b, res, test_name); else - add_test_result(get_test_id(test_id, b, test_name), "ERROR", "Internal error: Cannot start test", 0); + add_test_result(get_test_id(test_id, sizeof test_id, b, test_name), "ERROR", "Internal error: Cannot start test", 0); if (b->clean) b->clean(); diff --git a/src/test_runner.h b/src/test_runner.h index d297238..14f8ec0 100644 --- a/src/test_runner.h +++ b/src/test_runner.h @@ -62,7 +62,7 @@ struct binary { int (*clean)(void); }; -char* get_test_id(char* dest, const struct binary* b, const char* test_name); +char* get_test_id(char *dest, size_t dest_len, const struct binary* b, const char* test_name); void add_test_result(const char* test_id, const char* result, const char* comment, int res); diff --git a/tests/default_deny/system.d/send_destination_prefix.test.conf b/tests/default_deny/system.d/send_destination_prefix.test.conf new file mode 100644 index 0000000..b0496d5 --- /dev/null +++ b/tests/default_deny/system.d/send_destination_prefix.test.conf @@ -0,0 +1,99 @@ +<!DOCTYPE busconfig PUBLIC + "-//tizen//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.tizen.org/standards/dbus/1.0/busconfig.dtd"> +<busconfig> + + <policy user="root"> + <!-- org.tizen.test.dest_prefix as a base for testing names --> + <allow own_prefix="org.tizen.test.dest_prefix"/> + + <!-- abbreviations: + a - allow + d - deny + p - prefix + o - other + n - no_prefix + f - filler, no meaning, just for longer names + x - it's a trap! + --> + <!-- base allow --> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap"/> + + <!-- a neighbour for base allow --> + <allow send_destination="org.tizen.test.dest_prefix.ao"/> + + <!-- cut out some part of allowed space --> + <deny send_destination="org.tizen.test.dest_prefix.ap.1.d"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.ap.1.dp"/> + + <!-- punch holes in the cutout --> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.1.d.ap"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.1.dp.ap"/> + <allow send_destination="org.tizen.test.dest_prefix.ap.1.dp.a"/> + + <!-- define something but redefine other way --> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.2.apxdp"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.ap.2.apxdp.dp"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap"/> + <deny send_destination="org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.d"/> + <!-- redefine --> + <deny send_destination_prefix="org.tizen.test.dest_prefix.ap.2.apxdp"/> + <allow send_destination="org.tizen.test.dest_prefix.ap.2.apxdp.dp.a"/> + <allow send_destination="org.tizen.test.dest_prefix.ap.2.apxdp.dp.ap.f.a"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.2.apxdp.f.f.f.ap"/> + + <!-- make something complicated but allow it at the end --> + <deny send_destination_prefix="org.tizen.test.dest_prefix.ap.3.dpxap"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.3.dpxap.ap"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.ap"/> + <allow send_destination="org.tizen.test.dest_prefix.ap.3.dpxap.ap.dp.a"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.ap.3.dpxap"/> + + <!-- base deny --> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp"/> + + <!-- a neighbour for base deny --> + <deny send_destination="org.tizen.test.dest_prefix.do"/> + <allow send_destination="org.tizen.test.dest_prefix.ao.ao"/> + + <!-- cut out some part of allowed space --> + <allow send_destination="org.tizen.test.dest_prefix.dp.1.a"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.dp.1.ap"/> + + <!-- punch holes in the cutout --> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.1.a.dp"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.1.ap.dp"/> + <deny send_destination="org.tizen.test.dest_prefix.dp.1.ap.d"/> + + <!-- define something but redefine other way --> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.2.dpxap"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.dp.2.dpxap.ap"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp"/> + <allow send_destination="org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.a"/> + <!-- redefine --> + <allow send_destination_prefix="org.tizen.test.dest_prefix.dp.2.dpxap"/> + <deny send_destination="org.tizen.test.dest_prefix.dp.2.dpxap.ap.d"/> + <deny send_destination="org.tizen.test.dest_prefix.dp.2.dpxap.ap.dp.f.d"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.2.dpxap.f.f.f.dp"/> + + <!-- make something complicated but deny it at the end --> + <allow send_destination_prefix="org.tizen.test.dest_prefix.dp.3.apxdp"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.3.apxdp.dp"/> + <allow send_destination_prefix="org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.dp"/> + <deny send_destination="org.tizen.test.dest_prefix.dp.3.apxdp.dp.ap.d"/> + <deny send_destination_prefix="org.tizen.test.dest_prefix.dp.3.apxdp"/> + + </policy> + + <policy context="default"> + <deny send_destination_prefix="org.tizen.test"/> + </policy> + + <policy at_console="true"> + <!-- just check that it will be never loaded --> + <deny send_destination_prefix="org.tizen.test"/> + </policy> +</busconfig> +<!-- vim: set ft=xml: --> |