etc/Cryptohome.conf - chromiumos/platform/cryptohome - Git at Google

 <!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
   "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
 <busconfig>
   <policy user="root">
     <allow own="org.chromium.Cryptohome" />
     <allow send_destination="org.chromium.Cryptohome" />
   </policy>
   <policy user="chronos">
     <!-- introspection is denied -->
     <deny send_destination="org.chromium.Cryptohome"
           send_interface="org.freedesktop.DBus.Introspectable" />
     <!-- properties denied -->
     <deny send_destination="org.chromium.Cryptohome"
           send_interface="org.freedesktop.DBus.Properties" />
     <!-- allow explicit methods -->
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="CheckKey"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncCheckKey"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="MigrateKey"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncMigrateKey"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="Remove"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncRemove"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="GetSystemSalt"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="IsMounted"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="Mount"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncMount"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="MountGuest"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncMountGuest"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="Unmount"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="RemoveTrackedSubdirectories"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncRemoveTrackedSubdirectories"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="DoAutomaticFreeDiskSpaceControl"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="AsyncDoAutomaticFreeDiskSpaceControl"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmIsReady"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmIsEnabled"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmGetPassword"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmIsOwned"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmIsBeingOwned"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmCanAttemptOwnership"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="TpmClearStoredPassword"/>
     <allow send_destination="org.chromium.Cryptohome"
            send_interface="org.chromium.CryptohomeInterface"
            send_member="GetStatusString"/>
   </policy>
   <policy context="default">
     <deny send_destination="org.chromium.Cryptohome" />
   </policy>
 </busconfig>
	<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
	"http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
	<busconfig>
	<policy user="root">
	<allow own="org.chromium.Cryptohome" />
	<allow send_destination="org.chromium.Cryptohome" />
	</policy>
	<policy user="chronos">
	<!-- introspection is denied -->
	<deny send_destination="org.chromium.Cryptohome"
	send_interface="org.freedesktop.DBus.Introspectable" />
	<!-- properties denied -->
	<deny send_destination="org.chromium.Cryptohome"
	send_interface="org.freedesktop.DBus.Properties" />
	<!-- allow explicit methods -->
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="CheckKey"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncCheckKey"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="MigrateKey"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncMigrateKey"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="Remove"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncRemove"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="GetSystemSalt"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="IsMounted"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="Mount"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncMount"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="MountGuest"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncMountGuest"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="Unmount"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="RemoveTrackedSubdirectories"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncRemoveTrackedSubdirectories"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="DoAutomaticFreeDiskSpaceControl"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="AsyncDoAutomaticFreeDiskSpaceControl"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmIsReady"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmIsEnabled"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmGetPassword"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmIsOwned"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmIsBeingOwned"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmCanAttemptOwnership"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="TpmClearStoredPassword"/>
	<allow send_destination="org.chromium.Cryptohome"
	send_interface="org.chromium.CryptohomeInterface"
	send_member="GetStatusString"/>
	</policy>
	<policy context="default">
	<deny send_destination="org.chromium.Cryptohome" />
	</policy>
	</busconfig>