« back to all changes in this revision
Viewing changes to data/templates/ubuntu/1.1/ubuntu-webapp
- Committer: Jamie Strandboge
- Date: 2014-08-22 21:38:48 UTC
- Revision ID: jamie@ubuntu.com-20140822213848-053sam7ab8d1f1b8
* ubuntu/1.2/accounts: online accounts now has Mir trusted session support
so move accounts policy group to reserved (LP: #1230091)
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
- add DBus session and system accesses to scope templates like we have in
the app templates. This allows scopes to talk to trusted helpers like
online accounts and location-service. Actual communication with the
services is still controlled by the respective policy groups.
- add scope-specific access to /run/user/[0-9]*/scopes/leaf-{net,fs}/*
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
adjust path to settings, it was renamed to settings.ini (LP: #1356930)
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
- allow rk access to scope specific settings.db
- explicitly noisy deny rw access to unconfined directory
* ubuntu/*: explicitly deny 'w' access to /dev/xLog (LP: #1352432)
* ubuntu/1.2/connectivity: update to use upcoming connectivity DBus API
(LP: #1341548)
* ubuntu/1.[12]/contacts: remove workaround policy since address-book-app
no longer uses the telepathy API (LP: #1227818)
* ubuntu/*: explicitly deny rw access to /dev/fb0. It is both dangerous and
noisy with the camera app
* ubuntu/ubuntu-webapp: receive application-specific Open on
org.freedesktop.Application to allow url-dispatcher working with already
running webapps (LP: #1342129)
* ubuntu/*: explicitly deny noisy access to @{PROC}/xlog (LP: #1352432)
so move accounts policy group to reserved (LP: #1230091)
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
- add DBus session and system accesses to scope templates like we have in
the app templates. This allows scopes to talk to trusted helpers like
online accounts and location-service. Actual communication with the
services is still controlled by the respective policy groups.
- add scope-specific access to /run/user/[0-9]*/scopes/leaf-{net,fs}/*
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
adjust path to settings, it was renamed to settings.ini (LP: #1356930)
* ubuntu/1.2/ubuntu-scope-network, pending/ubuntu-scope-local-content:
- allow rk access to scope specific settings.db
- explicitly noisy deny rw access to unconfined directory
* ubuntu/*: explicitly deny 'w' access to /dev/xLog (LP: #1352432)
* ubuntu/1.2/connectivity: update to use upcoming connectivity DBus API
(LP: #1341548)
* ubuntu/1.[12]/contacts: remove workaround policy since address-book-app
no longer uses the telepathy API (LP: #1227818)
* ubuntu/*: explicitly deny rw access to /dev/fb0. It is both dangerous and
noisy with the camera app
* ubuntu/ubuntu-webapp: receive application-specific Open on
org.freedesktop.Application to allow url-dispatcher working with already
running webapps (LP: #1342129)
* ubuntu/*: explicitly deny noisy access to @{PROC}/xlog (LP: #1352432)
- files modified:
- data/policygroups/ubuntu/1.1/contacts
- data/policygroups/ubuntu/1.2/accounts
- data/policygroups/ubuntu/1.2/connectivity
added
removed
data/templates/ubuntu/1.1/ubuntu-webapp
