core-admin/qubes-rpc-policy/admin.vm.Terminal.policy
2019-04-30 17:25:23 +02:00

13 lines
499 B
Plaintext

## Note that policy parsing stops at the first match,
## so adding anything below "$anyvm $anyvm action" line will have no effect
## Please use a single # to start your custom comments
$anyvm $anyvm deny,target=dom0
# WARNING: The qubes.ShowTerminal service is dangerous and allows any
# qube to access any other qube console. It should be restricted
# only to management/admin qubes. This is why the default policy is 'deny'
# Example of policy: mgmtvm $tag:created-by-mgmtvm allow,target=dom0