logind: supply default bus policy with minimal access

author: Lennart Poettering <lennart@poettering.net> 2011-06-28 21:56:41 +0200
committer: Lennart Poettering <lennart@poettering.net> 2011-06-28 21:56:41 +0200
commit: 72d8c4afcea592b53dcfb4d8f026cb5cb0fdb64c (patch)
tree: 95608ca365dd9d7d272100547d832f8bc11a872c
parent: c28fa3d32fe0989c286d04406414bb7ef58dab9a (diff)
1 files changed, 56 insertions, 1 deletions
diff --git a/src/org.freedesktop.login1.conf b/src/org.freedesktop.login1.conf
index ebc499da67..dc6a01cb54 100644
--- a/src/org.freedesktop.login1.conf
+++ b/src/org.freedesktop.login1.conf
@@ -20,7 +20,62 @@
         </policy>
 
         <policy context="default">
-                <allow send_destination="org.freedesktop.login1"/>
+                <deny send_destination="org.freedesktop.login1"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.DBus.Introspectable"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.DBus.Peer"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.DBus.Properties"
+                       send_member="Get"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.DBus.Properties"
+                       send_member="GetAll"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="GetSession"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="GetUser"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="GetSeat"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="ListSessions"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="ListUsers"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="ListSeats"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="SetUserLinger"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Manager"
+                       send_member="ActivateSession"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Seat"
+                       send_member="ActivateSession"/>
+
+                <allow send_destination="org.freedesktop.login1"
+                       send_interface="org.freedesktop.login1.Session"
+                       send_member="Activate"/>
+
                 <allow receive_sender="org.freedesktop.login1"/>
         </policy>
author	Lennart Poettering <lennart@poettering.net>	2011-06-28 21:56:41 +0200
committer	Lennart Poettering <lennart@poettering.net>	2011-06-28 21:56:41 +0200
commit	72d8c4afcea592b53dcfb4d8f026cb5cb0fdb64c (patch)
tree	95608ca365dd9d7d272100547d832f8bc11a872c
parent	c28fa3d32fe0989c286d04406414bb7ef58dab9a (diff)