core-admin/qubes-rpc-policy/admin.vm.Console.policy

## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect

## Please use a single # to start your custom comments

# WARNING: The admin.vm.Console service is dangerous and allows any
# qube to access any other qube console. It should be restricted
# only to management/admin qubes. This is why the default policy is 'deny'

# Example of policy: mgmtvm $tag:created-by-mgmtvm allow,target=dom0
Add qubes.ShowTerminal service 2019-04-30 11:23:23 +02:00			`## Note that policy parsing stops at the first match,`
			`## so adding anything below "$anyvm $anyvm action" line will have no effect`

			`## Please use a single # to start your custom comments`

Rename and fix from Marek's comments 2019-05-07 13:54:29 +02:00			`# WARNING: The admin.vm.Console service is dangerous and allows any`
Add qubes.ShowTerminal service 2019-04-30 11:23:23 +02:00			`# qube to access any other qube console. It should be restricted`
			`# only to management/admin qubes. This is why the default policy is 'deny'`

			`# Example of policy: mgmtvm $tag:created-by-mgmtvm allow,target=dom0`