question about policy permission declarations
9 views
Skip to first unread message
john.david.r.smith
Jan 14, 2017, 8:03:17 AM1/14/17
to qubes-users
hi.
when looking at the policy permissions in '/etc/qubes-rpc/policy' i
noticed the only line 'qubes.USB' contains is:
$anyvm $anyvm deny
why is that line there?
as far as i understood it has no effect as any other declaration of the
form:
$anyvm <SOME_DEST> deny
since deny is the default action and this rule will catch any vm. (the
only effect would be that all following permission declarations
targeting the destination are ignored.
but now i am not sure anymore..
so can someone tell me whether my understanding of the permissions is
correct?
-john
when looking at the policy permissions in '/etc/qubes-rpc/policy' i
noticed the only line 'qubes.USB' contains is:
$anyvm $anyvm deny
why is that line there?
as far as i understood it has no effect as any other declaration of the
form:
$anyvm <SOME_DEST> deny
since deny is the default action and this rule will catch any vm. (the
only effect would be that all following permission declarations
targeting the destination are ignored.
but now i am not sure anymore..
so can someone tell me whether my understanding of the permissions is
correct?
-john
Reply all
Reply to author
Forward
0 new messages