Resources | developer.brewmp.com Resources | developer.brewmp.com

Developer

resources

Default ACLs

There are default system ACLs that apply unless overridden by module ACLs. These default ACLs are as follows:

  • Any application can read (enumerate) the root directory (fs:/), but not its contents (files and subdirectories).
  • Any application can read fs:/mif and its contents.
  • Any application can read fs:/mod, but not its contents.
  • Any application can read fs:/sys and its contents. This also means that any application can read (enumerate) the fs:/sys/mod directory, but module ACLs can prevent them reading the contents of the directories.

    For example, if there are three modules, foo1, foo2, and foo3 in fs:/sys/mod, any application can see the directories fs:/sys/mod/foo1, fs:/sys/mod/foo2, and fs:/sys/mod/foo, but does not have read or write access to those directories.

  • No applications can access to fs:/sys/priv.
  • No applications has access to fs:/sys/download unless they have PL_DOWNLOAD privilege, in which case they have read-write access to fs:/sys/download.
  • All applications have read access to fs:/shared and its contents. Only those with privilege PL_SHARED_WRITE have write access to fs:/shared.
  • Only applications with PL_RINGER_WRITE privilege have read access to fs:/ringers and read-write access to the contents of fs:/ringers.
  • Only applications with PL_ADDRBOOK privilege have read access to fs:/address and read-write access to the contents of fs:/address.
  • Only applications with CARD0_ACCESS privilege have read access to fs:/card0 and read-write access to the contents of fs:/card0.