The current version of security manager put this tags
- SECURITY_MANAGER_PATH_PRIVATE
- SECURITY_MANAGER_PATH_RW
User::App::XXXX
- SECURITY_MANAGER_PATH_PUBLIC
- SECURITY_MANAGER_PATH_RO
User::Home
- SECURITY_MANAGER_PATH_PUBLIC_RO
_ (underscore or floor)
Putting floor is bad because it produces
files and directories that can't be removed.
Using SECURITY_MANAGER_PATH_RO instead of
SECURITY_MANAGER_PATH_PUBLIC_RO sets the
label "User::Home". It is valid because this
label is already read only for applications.
But it is writable by the "System" labelled
services at the opposite of "_".
Change-Id: I685fe366fddb95858c66b827e28acf6d005bcfc0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
int secmgr_path_public_read_only(const char *pathname)
{
- return addpath(pathname, SECURITY_MANAGER_PATH_PUBLIC_RO);
+ return addpath(pathname, SECURITY_MANAGER_PATH_RO);
}
int secmgr_path_read_only(const char *pathname)
SECURITY_MANAGER_ERROR_ACCESS_DENIED
};
enum app_install_path_type {
+ SECURITY_MANAGER_PATH_PRIVATE,
+ SECURITY_MANAGER_PATH_PUBLIC,
SECURITY_MANAGER_PATH_PUBLIC_RO,
+ SECURITY_MANAGER_PATH_RW,
SECURITY_MANAGER_PATH_RO,
- SECURITY_MANAGER_PATH_RW
};
typedef void app_inst_req;
static int diese = 0;