Git-Mirrors/qubes-doc
1
0
Fork 0
mirror of https://github.com/QubesOS/qubes-doc.git synced 2024-12-28 08:49:42 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix issue link

Browse Source
This commit is contained in:
Jean-Philippe Ouellet 2016-11-11 04:23:23 -05:00
parent d66eda80bc
commit 6359f87ecd
No known key found for this signature in database
GPG Key ID: E7E455013D042EA1
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
services/qrexec3.md
View File

@ -187,9 +187,10 @@ _after_ considering the action.
Sometimes just service name isn't enough to make reasonable qrexec policy. One Sometimes just service name isn't enough to make reasonable qrexec policy. One
example of such situation is [qrexec-based USB example of such situation is [qrexec-based USB
passthrough](https://github.com/qubesos/qubes-issues/531) - using just service passthrough](https://github.com/qubesos/qubes-issues/issues/531) - using just
name it isn't possible to express policy "allow access to device X and deny to service name it isn't possible to express policy "allow access to device X and
others". It isn't also feasible to create separate service for every device... deny to others". It isn't also feasible to create separate service for every
device...
For this reason, starting with Qubes 3.2, it is possible to specify service For this reason, starting with Qubes 3.2, it is possible to specify service
argument, which will be subject to policy. Besides above example of USB argument, which will be subject to policy. Besides above example of USB