## Do not modify this file, create a new policy file with a lower number in the
## filename instead. For example `30-user.policy`.

# service            arg source                  target                  action params

sdwdate-gui.Connect      *   @tag:sdwdate-gui-client @tag:sdwdate-gui-server allow  autostart=no notify=no
sdwdate-gui.ConnectCheck *   @tag:sdwdate-gui-client @tag:sdwdate-gui-server allow  autostart=no notify=no

sdwdate-gui.Connect      *   @anyvm                  @anyvm                  deny
sdwdate-gui.ConnectCheck *   @anyvm                  @anyvm                  deny

# Legacy, all of these services should effectively be no-ops for fully updated
# Whonix-Gateway and Whonix-Workstation qubes.
sdwdate.Connect      *   @tag:sdwdate-gui-client @tag:sdwdate-gui-server allow  autostart=no notify=no
sdwdate.ConnectCheck *   @tag:sdwdate-gui-client @tag:sdwdate-gui-server allow  autostart=no notify=no

sdwdate.Connect      *   @anyvm                  @anyvm                  deny
sdwdate.ConnectCheck *   @anyvm                  @anyvm                  deny

whonix.SdwdateStatus +         @tag:anon-gateway @tag:anon-vm      allow  autostart=no notify=no
whonix.SdwdateStatus +         @tag:anon-gateway @default          deny   notify=no
whonix.SdwdateStatus +         @anyvm            @anyvm            deny

whonix.NewStatus     *         @tag:anon-vm      @tag:anon-gateway allow  autostart=no
whonix.NewStatus     *         @anyvm            @anyvm            deny

whonix.GatewayCommand +restart @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand +stop    @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand +showlog @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand *        @anyvm            @anyvm            deny

# Harden against potential IP leaks by not allowing a compromised
# Whonix-Workstation to open files, URLs, or applications in VMs other than
# Whonix-Workstation VMs (typically DispVMs).
qubes.OpenInVM        *        @tag:anon-vm      @dispvm           ask    default_target=@dispvm
qubes.OpenInVM        *        @tag:anon-vm      @tag:anon-vm      ask
qubes.OpenInVM        *        @tag:anon-vm      @default          ask
qubes.OpenInVM        *        @tag:anon-vm      @anyvm            deny

qubes.OpenURL         *        @tag:anon-vm      @dispvm           ask    default_target=@dispvm
qubes.OpenURL         *        @tag:anon-vm      @tag:anon-vm      ask
qubes.OpenURL         *        @tag:anon-vm      @default          ask
qubes.OpenURL         *        @tag:anon-vm      @anyvm            deny

qubes.StartApp        *        @tag:anon-vm      @dispvm           ask    default_target=@dispvm
qubes.StartApp        *        @tag:anon-vm      @tag:anon-vm      ask
qubes.StartApp        *        @tag:anon-vm      @default          ask
qubes.StartApp        *        @tag:anon-vm      @anyvm            deny