blob: 6e1acddbf705aeba6601dd4afc13d9cbad684a7f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
AutoGenerateAegisFile
<!-- Aegis manifest declares the security credentials required by an
application to run correctly. By default, a manifest file will be
created or updated automatically as a part of build.
The detection of required credentials is based on static scan of
application binaries. In some cases, the scan may not be able to
detect the correct set of permissions. If this is the case, you must
declare the credentials required by your application in this file.
To create a manifest file automatically as a part of build (DEFAULT):
* Make sure this file starts with the string "AutoGenerateAegisFile" (without quotes).
* Alternatively, it can also be completely empty.
To provide a manifest yourself:
* List the correct credentials for the application in this file.
* Some commented-out examples of often required tokens are provided.
* Ensure the path to your application binary given in
'<for path="/path/to/app" />' is correct.
* Please do not request more credentials than what your application
actually requires.
To disable manifest file:
* Replace this file with a file starting with the string "NoAegisFile" (without quotes).
* Final application package will not contain a manifest.
-->
<aegis>
<request policy="add">
<!-- Make a GSM call, send text messages (SMS). -->
<!--
<credential name="Cellular" />
-->
<!-- Access Facebook social data. -->
<!--
<credential name="FacebookSocial" />
-->
<!-- Read access to data stored in tracker. -->
<!--
<credential name="TrackerReadAccess" />
-->
<!-- Read and write access to data stored in tracker. -->
<!--
<credential name="TrackerWriteAccess" />
-->
<!-- Read Location information. -->
<!--
<credential name="Location" />
-->
<!-- Access to Audio, Multimedia and Camera. -->
<!--
<credential name="GRP::pulse-access" />
<credential name="GRP::video" />
<credential name="GRP::audio" />
-->
</request>
<for path="/opt/tapasboard/bin/tapasboard" />
<for path="applauncherd-launcher::/usr/bin/applauncherd.bin" id="" />
</aegis>
|