Code Review / src / app-framework-main.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 59c4af9) | patch
Fix issue in labelling files x-last-without-systemd
authorJosé Bollo <jose.bollo@iot.bzh>
Fri, 17 Mar 2017 10:17:36 +0000 (11:17 +0100)
committerJosé Bollo <jose.bollo@iot.bzh>
Fri, 17 Mar 2017 11:59:16 +0000 (12:59 +0100)
commit863bf1c6b4e10176edf8b26a9703109ab8db2c43
tree3c725135eaf7b284a18ef6e83285692e7fb0d476tree | snapshot
parent59c4af98b761d0f11514e9080a46a32bb440ebc0commit | diff
Fix issue in labelling files

The current version of security manager put this tags

 - SECURITY_MANAGER_PATH_PRIVATE
 - SECURITY_MANAGER_PATH_RW

      User::App::XXXX

 - SECURITY_MANAGER_PATH_PUBLIC
 - SECURITY_MANAGER_PATH_RO

      User::Home

 - SECURITY_MANAGER_PATH_PUBLIC_RO

      _ (underscore or floor)

Putting floor is bad because it produces
files and directories that can't be removed.

Using SECURITY_MANAGER_PATH_RO instead of
SECURITY_MANAGER_PATH_PUBLIC_RO sets the
label "User::Home". It is valid because this
label is already read only for applications.
But it is writable by the "System" labelled
services at the opposite of "_".

Change-Id: I685fe366fddb95858c66b827e28acf6d005bcfc0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
src/secmgr-wrap.c diff | blob | history
src/simulation/security-manager.h diff | blob | history
Application Framework main service, maintained by iot.bzh team