projects / platform / core / test / security-tests.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
SM: Code cleanup - separate private sharing tests
[platform/core/test/security-tests.git] / src / security-manager-tests / test_cases_private_sharing.cpp
1 /*
2  * Copyright (c) 2016 Samsung Electronics Co., Ltd All Rights Reserved
3  *
4  *    Licensed under the Apache License, Version 2.0 (the "License");
5  *    you may not use this file except in compliance with the License.
6  *    You may obtain a copy of the License at
7  *
8  *        http://www.apache.org/licenses/LICENSE-2.0
9  *
10  *    Unless required by applicable law or agreed to in writing, software
11  *    distributed under the License is distributed on an "AS IS" BASIS,
12  *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  *    See the License for the specific language governing permissions and
14  *    limitations under the License.
15  */
16
17 // This has to be before xattr header, because it uses size_t and ssize_t and does not include this
18 // I hate you, xattr
19 #include <sys/types.h>
20 #include <attr/xattr.h>
21 #include <ftw.h>
22 #include <string>
23 #include <sys/smack.h>
24 #include <sys/stat.h>
25 #include <unistd.h>
26 #include <vector>
27
28 #include <app_install_helper.h>
29 #include <dpl/test/test_runner.h>
30 #include <memory.h>
31 #include <sm_api.h>
32 #include <sm_commons.h>
33 #include <sm_request.h>
34 #include <sm_sharing_request.h>
35 #include <tests_common.h>
36
37 using namespace SecurityManagerTest;
38 namespace {
39 const char *const owner_access = "rwxat";
40 const char *const target_path_access = "rxl";
41 const char *const target_dir_access = "x";
42 const char *const no_access = "";
43
44 void check_system_access(const std::string pathLabel, bool apply = true) {
45     check_exact_smack_accesses("User", pathLabel, (apply ? owner_access : no_access));
46     check_exact_smack_accesses("System", pathLabel, (apply ? owner_access : no_access));
47 }
48
49 void check_owner_access(const std::string &ownerLabel, const std::string &pathLabel, bool apply = true) {
50     check_exact_smack_accesses(ownerLabel, pathLabel, (apply ? owner_access : no_access));
51 }
52
53 void check_target_access(const std::string &ownerPkgLabel, const std::string &targetLabel,
54         const std::string &pathLabel, bool pathShared = true, bool anyPathShared = true) {
55     check_exact_smack_accesses(targetLabel, pathLabel, (pathShared ? target_path_access : no_access));
56     check_exact_smack_accesses(targetLabel, ownerPkgLabel, (anyPathShared ? target_dir_access : no_access));
57 }
58
59 void check_path_label(const std::string &path, const std::string &expectedLabel) {
60     char *label = nullptr;
61     int ret = smack_new_label_from_path(path.c_str(), XATTR_NAME_SMACK, 0, &label);
62     RUNNER_ASSERT_MSG(ret > 0, "smack_new_label_from_path failed for " << path);
63     SmackLabelPtr realLabel(label);
64     RUNNER_ASSERT_MSG(realLabel.get() == expectedLabel, "Fetched label from " << path << " different"
65             " than expected, is : " << realLabel.get() << " should be " << expectedLabel);
66 }
67
68 void createFile(const std::string &filePath)
69 {
70     //create temporary file and set label for it
71     mode_t systemMask;
72
73     unlink(filePath.c_str());
74     //allow to create file with 777 rights
75     systemMask = umask(0000);
76     int fd = open(filePath.c_str(), O_RDWR | O_CREAT, S_IRWXU | S_IRWXG | S_IRWXO);
77     //restore system mask
78     umask(systemMask);
79     RUNNER_ASSERT_ERRNO_MSG(fd > -1, "Unable to create file for tests");
80
81     //for descriptor protection
82     FdUniquePtr fd_ptr(&fd);
83
84     //change owner and group to user APP
85     int ret = chown(filePath.c_str(), APP_UID, APP_GID);
86     RUNNER_ASSERT_ERRNO_MSG(ret == 0, "Unable to change file owner");
87 }
88
89 struct PathInfo {
90     const std::string &path;
91     app_install_path_type path_type;
92 };
93
94 InstallRequest createInstallReq(const std::string &appName, const std::string &pkgName,
95                                        const std::vector<PathInfo> &paths){
96     InstallRequest req;
97     req.setAppId(appName);
98     req.setPkgId(pkgName);
99     for (const auto &pathInfo : paths) {
100         req.addPath(pathInfo.path, pathInfo.path_type);
101     }
102     return req;
103 }
104
105 InstallRequest createInstallReq(const AppInstallHelper &info,
106                                        const std::vector<PathInfo> &paths = std::vector<PathInfo>()){
107     return createInstallReq(info.getAppId(), info.getPkgId(), paths);
108 }
109
110 void clearLabels(const std::string &path) {
111     int result = nftw(path.c_str(), &nftw_remove_labels, FTW_MAX_FDS, FTW_PHYS);
112     RUNNER_ASSERT_MSG(result == 0, "Unable to remove Smack labels in " << path);
113 }
114
115 }
116
117 RUNNER_TEST_GROUP_INIT(SECURIT_MANAGER_PRIVATE_SHARING)
118
119 RUNNER_TEST(security_manager_30a_send_incomplete_req1)
120 {
121     SharingRequest request;
122     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
123     request.setOwnerAppId("someOwner");
124     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
125     request.setTargetAppId("someTarget");
126     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
127 }
128
129 RUNNER_TEST(security_manager_30b_send_incomplete_req2)
130 {
131     SharingRequest request;
132     request.setTargetAppId("someTarget");
133     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
134     request.setOwnerAppId("someOwner");
135     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
136 }
137
138 RUNNER_TEST(security_manager_30c_send_incomplete_req3)
139 {
140     SharingRequest request;
141     const char *somePaths[] = {"path1", "path2"};
142     request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
143     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
144     request.setOwnerAppId("someOwner");
145     Api::applySharing(request, SECURITY_MANAGER_ERROR_REQ_NOT_COMPLETE);
146 }
147
148 RUNNER_TEST(security_manager_30d_unknown_owner)
149 {
150     // This test depends on order of checks in security-manager service implementation
151     SharingRequest request;
152     request.setOwnerAppId("ImPrettySureIDontExist");
153     request.setTargetAppId("IDontMatter");
154     const char *somePaths[] = {"path1", "path2"};
155     request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
156     Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
157 }
158
159 RUNNER_TEST(security_manager_30e_unknown_target)
160 {
161     // This test depends on order of checks in security-manager service implementation
162     AppInstallHelper owner("installedApp");
163     owner.revokeRules();
164     owner.createInstallDir();
165     InstallRequest ownerInst;
166     ownerInst.setAppId(owner.getAppId());
167     ownerInst.setPkgId(owner.getPkgId());
168     Api::install(ownerInst);
169
170     SharingRequest request;
171     request.setOwnerAppId(owner.getAppId());
172     request.setTargetAppId("NowImPrettySureIDontExist");
173     const char *somePaths[] = {"path1", "path2"};
174     request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
175     Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
176
177     Api::uninstall(ownerInst);
178 }
179
180 RUNNER_TEST(security_manager_30f_bad_paths)
181 {
182     // This test depends on order of checks in security-manager service implementation
183     AppInstallHelper owner("installedApp");
184     owner.revokeRules();
185     owner.createInstallDir();
186     InstallRequest ownerInst = createInstallReq(owner);
187     Api::install(ownerInst);
188
189     AppInstallHelper target("secondInstalledApp");
190     target.revokeRules();
191     target.createInstallDir();
192     InstallRequest targetInst = createInstallReq(target);
193     Api::install(targetInst);
194
195     SharingRequest request;
196     request.setOwnerAppId(owner.getAppId());
197     request.setTargetAppId(target.getAppId());
198
199     const char *somePath = "/tmp/somePath";
200     createFile(somePath);
201     const char *somePaths[] = {somePath};
202     request.addPaths(somePaths, sizeof(somePaths)/sizeof(somePaths[0]));
203     Api::applySharing(request, SECURITY_MANAGER_ERROR_APP_NOT_PATH_OWNER);
204
205     Api::uninstall(ownerInst);
206     Api::uninstall(targetInst);
207 }
208
209 RUNNER_TEST(security_manager_31_simple_share)
210 {
211     std::vector<AppInstallHelper> helper {{"app31a"}, {"app31b"}};
212     auto &owner = helper[0];
213     auto &target = helper[1];
214
215     for (auto &e : helper) {
216         e.revokeRules();
217         e.createInstallDir();
218     }
219
220     owner.createPrivateDir();
221     owner.createSharedFile();
222     clearLabels(owner.getInstallDir());
223     InstallRequest ownerReq = createInstallReq(owner,
224             {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
225     Api::install(ownerReq);
226
227     InstallRequest targetReq = createInstallReq(target);
228     Api::install(targetReq);
229
230     SharingRequest share1;
231     std::string sharedPath = owner.getSharedPath();
232     share1.setOwnerAppId(owner.getAppId());
233     share1.setTargetAppId(target.getAppId());
234     const char *path[] = {sharedPath.c_str()};
235     share1.addPaths(path, 1);
236     Api::applySharing(share1);
237
238     TestSecurityManagerDatabase db;
239     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
240     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
241
242     check_system_access(pathLabel1);
243     check_owner_access(owner.generateAppLabel(), pathLabel1);
244     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
245     check_path_label(sharedPath, pathLabel1);
246
247     Api::dropSharing(share1);
248     check_system_access(pathLabel1, false);
249     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
250     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
251     check_path_label(sharedPath, owner.generatePkgLabel());
252
253     Api::uninstall(ownerReq);
254     Api::uninstall(targetReq);
255 }
256
257 RUNNER_TEST(security_manager_32_double_share)
258 {
259     std::vector<AppInstallHelper> helper {{"app32a"}, {"app32b"}};
260     auto &owner = helper[0];
261     auto &target = helper[1];
262
263     // cleanup
264     for (auto &e : helper) {
265         e.revokeRules();
266         e.createInstallDir();
267     }
268     owner.createPrivateDir();
269     owner.createSharedFile();
270     clearLabels(owner.getInstallDir());
271
272     InstallRequest ownerReq = createInstallReq(owner,
273             {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
274     Api::install(ownerReq);
275
276     InstallRequest targetReq = createInstallReq(target);
277     Api::install(targetReq);
278
279     SharingRequest share1;
280     std::string sharedPath = owner.getSharedPath(0);
281     share1.setOwnerAppId(owner.getAppId());
282     share1.setTargetAppId(target.getAppId());
283     const char *path[] = {sharedPath.c_str()};
284     share1.addPaths(path, 1);
285     Api::applySharing(share1);
286
287     TestSecurityManagerDatabase db;
288     std::string pathLabel = db.get_path_label(sharedPath.c_str());
289     RUNNER_ASSERT_MSG(!pathLabel.empty(), "Couldn't fetch path label from database for file " << sharedPath);
290
291     check_system_access(pathLabel);
292     check_owner_access(owner.generateAppLabel(), pathLabel);
293     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel);
294     check_path_label(sharedPath, pathLabel);
295
296     Api::applySharing(share1);
297     check_system_access(pathLabel);
298     check_owner_access(owner.generateAppLabel(), pathLabel);
299     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel);
300     check_path_label(sharedPath, pathLabel);
301
302     Api::dropSharing(share1);
303     check_system_access(pathLabel);
304     check_owner_access(owner.generateAppLabel(), pathLabel);
305     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel);
306     check_path_label(sharedPath, pathLabel);
307
308     Api::dropSharing(share1);
309     check_system_access(pathLabel, false);
310     check_owner_access(owner.generateAppLabel(), pathLabel, false);
311     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel, false, false);
312     check_path_label(sharedPath, owner.generatePkgLabel());
313
314     Api::uninstall(ownerReq);
315     Api::uninstall(targetReq);
316 }
317 RUNNER_TEST(security_manager_33_share_two_with_one)
318 {
319     std::vector<AppInstallHelper> helper {{"app33a"}, {"app33b"}};
320     auto &owner = helper[0];
321     auto &target = helper[1];
322
323     // cleanup
324     for (auto &e : helper) {
325         e.revokeRules();
326         e.createInstallDir();
327     }
328     owner.createPrivateDir();
329     owner.createSharedFile(0);
330     owner.createSharedFile(1);
331     clearLabels(owner.getInstallDir());
332     InstallRequest ownerReq = createInstallReq(owner,
333         {PathInfo{owner.getSharedPath(0), SECURITY_MANAGER_PATH_RW},
334          PathInfo{owner.getSharedPath(1), SECURITY_MANAGER_PATH_RW}});
335     Api::install(ownerReq);
336
337     InstallRequest targetReq = createInstallReq(target);
338     Api::install(targetReq);
339
340     SharingRequest share1, share2;
341     std::string sharedPath1 = owner.getSharedPath(0);
342     std::string sharedPath2 = owner.getSharedPath(1);
343     share1.setOwnerAppId(owner.getAppId());
344     share2.setOwnerAppId(owner.getAppId());
345     share1.setTargetAppId(target.getAppId());
346     share2.setTargetAppId(target.getAppId());
347     const char *path1[] = {sharedPath1.c_str()};
348     const char *path2[] = {sharedPath2.c_str()};
349     share1.addPaths(path1, 1);
350     share2.addPaths(path2, 1);
351
352     Api::applySharing(share1);
353     TestSecurityManagerDatabase db;
354     std::string pathLabel1 = db.get_path_label(sharedPath1.c_str());
355     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath1);
356
357     check_system_access(pathLabel1);
358     check_owner_access(owner.generateAppLabel(), pathLabel1);
359     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
360     check_path_label(sharedPath1, pathLabel1);
361
362     Api::applySharing(share2);
363     std::string pathLabel2 = db.get_path_label(sharedPath2.c_str());
364     RUNNER_ASSERT_MSG(!pathLabel2.empty(), "Couldn't fetch path label from database for file " << sharedPath2);
365     RUNNER_ASSERT_MSG(pathLabel1 != pathLabel2, "Labels for private shared paths should be unique!");
366
367     check_system_access(pathLabel1);
368     check_system_access(pathLabel2);
369     check_owner_access(owner.generateAppLabel(), pathLabel1);
370     check_owner_access(owner.generateAppLabel(), pathLabel2);
371     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
372     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel2);
373     check_path_label(sharedPath1, pathLabel1);
374     check_path_label(sharedPath2, pathLabel2);
375
376     Api::dropSharing(share1);
377     check_system_access(pathLabel1, false);
378     check_system_access(pathLabel2);
379     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
380     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false);
381     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel2);
382     check_path_label(sharedPath1, owner.generatePkgLabel());
383     check_path_label(sharedPath2, pathLabel2);
384
385     Api::dropSharing(share2);
386     check_system_access(pathLabel1, false);
387     check_system_access(pathLabel2, false);
388     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
389     check_owner_access(owner.generateAppLabel(), pathLabel2, false);
390     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
391     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel2, false, false);
392     check_path_label(sharedPath1, owner.generatePkgLabel());
393     check_path_label(sharedPath2, owner.generatePkgLabel());
394
395     Api::uninstall(ownerReq);
396     Api::uninstall(targetReq);
397 }
398
399 RUNNER_TEST(security_manager_34_share_one_with_two)
400 {
401     std::vector<AppInstallHelper> helper {{"app34a"}, {"app34b"}, {"app34c"}};
402     auto &owner = helper[0];
403     auto &target1 = helper[1];
404     auto &target2 = helper[2];
405
406     // cleanup
407     for (auto &e : helper) {
408         e.revokeRules();
409         e.createInstallDir();
410     }
411     owner.createPrivateDir();
412     owner.createSharedFile();
413     clearLabels(owner.getInstallDir());
414
415     InstallRequest ownerReq = createInstallReq(owner,
416                                {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
417     Api::install(ownerReq);
418
419     for (size_t i = 1; i < helper.size(); i++) {
420         InstallRequest targetReq = createInstallReq(helper[i]);
421         Api::install(targetReq);
422     }
423
424     SharingRequest share1, share2;
425     std::string sharedPath = owner.getSharedPath(0).c_str();
426     share1.setOwnerAppId(owner.getAppId());
427     share2.setOwnerAppId(owner.getAppId());
428     share1.setTargetAppId(target1.getAppId());
429     share2.setTargetAppId(target2.getAppId());
430
431     const char *path[] = {sharedPath.c_str()};
432     share1.addPaths(path, 1);
433     share2.addPaths(path, 1);
434
435     Api::applySharing(share1);
436     TestSecurityManagerDatabase db;
437     std::string pathLabel = db.get_path_label(sharedPath.c_str());
438     RUNNER_ASSERT_MSG(!pathLabel.empty(), "Couldn't fetch path label from database for file " << sharedPath);
439
440     check_system_access(pathLabel);
441     check_owner_access(owner.generateAppLabel(), pathLabel);
442     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
443     check_path_label(sharedPath, pathLabel);
444
445     Api::applySharing(share2);
446     check_system_access(pathLabel);
447     check_owner_access(owner.generateAppLabel(), pathLabel);
448     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
449     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel);
450     check_path_label(sharedPath, pathLabel);
451
452     Api::dropSharing(share1);
453     check_system_access(pathLabel);
454     check_owner_access(owner.generateAppLabel(), pathLabel);
455     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel, false, false);
456     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel);
457     check_path_label(sharedPath, pathLabel);
458
459     Api::dropSharing(share2);
460     check_system_access(pathLabel, false);
461     check_owner_access(owner.generateAppLabel(), pathLabel, false);
462     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel, false, false);
463     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel, false, false);
464     check_path_label(sharedPath, owner.generatePkgLabel());
465
466     Api::uninstall(ownerReq);
467     for (size_t i = 1; i < helper.size(); i++) {
468         InstallRequest targetReq = createInstallReq(helper[i]);
469         Api::uninstall(targetReq);
470     }
471 }
472
473 RUNNER_TEST(security_manager_35_share_two_with_two)
474 {
475     std::vector<AppInstallHelper> helper {{"app35a"}, {"app35b"}, {"app35c"}};
476     auto &owner = helper[0];
477     auto &target1 = helper[1];
478     auto &target2 = helper[2];
479
480     // cleanup
481     for (auto &e : helper) {
482         e.revokeRules();
483         e.createInstallDir();
484     }
485     owner.createPrivateDir();
486     owner.createSharedFile(0);
487     owner.createSharedFile(1);
488     clearLabels(owner.getInstallDir());
489
490     InstallRequest ownerReq = createInstallReq(owner,
491            {PathInfo{owner.getSharedPath(0), SECURITY_MANAGER_PATH_RW},
492             PathInfo{owner.getSharedPath(1), SECURITY_MANAGER_PATH_RW}});
493
494     Api::install(ownerReq);
495
496     for (size_t i = 1; i < helper.size(); i++) {
497         InstallRequest targetReq = createInstallReq(helper[i]);
498         Api::install(targetReq);
499     }
500
501     SharingRequest share1, share2;
502     std::string sharedPath1 = owner.getSharedPath(0).c_str();
503     std::string sharedPath2 = owner.getSharedPath(1).c_str();
504     share1.setOwnerAppId(owner.getAppId());
505     share2.setOwnerAppId(owner.getAppId());
506     share1.setTargetAppId(target1.getAppId());
507     share2.setTargetAppId(target2.getAppId());
508
509     const char *path1[] = {sharedPath1.c_str()};
510     const char *path2[] = {sharedPath2.c_str()};
511     share1.addPaths(path1, 1);
512     share2.addPaths(path2, 1);
513
514     Api::applySharing(share1);
515     TestSecurityManagerDatabase db;
516     std::string pathLabel1 = db.get_path_label(sharedPath1.c_str());
517     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath1);
518
519     check_system_access(pathLabel1);
520     check_owner_access(owner.generateAppLabel(), pathLabel1);
521     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel1);
522     check_path_label(sharedPath1, pathLabel1);
523
524     Api::applySharing(share2);
525     std::string pathLabel2 = db.get_path_label(sharedPath2.c_str());
526     RUNNER_ASSERT_MSG(!pathLabel2.empty(), "Couldn't fetch path label from database for file " << sharedPath2);
527     RUNNER_ASSERT_MSG(pathLabel1 != pathLabel2, "Labels for shared files should be unique!");
528
529     check_system_access(pathLabel1);
530     check_system_access(pathLabel2);
531     check_owner_access(owner.generateAppLabel(), pathLabel1);
532     check_owner_access(owner.generateAppLabel(), pathLabel2);
533     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel1);
534     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel2);
535     check_path_label(sharedPath1, pathLabel1);
536     check_path_label(sharedPath2, pathLabel2);
537
538     Api::dropSharing(share2);
539     check_system_access(pathLabel1);
540     check_system_access(pathLabel2, false);
541     check_owner_access(owner.generateAppLabel(), pathLabel1);
542     check_owner_access(owner.generateAppLabel(), pathLabel2, false);
543     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel1);
544     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel2, false, false);
545     check_path_label(sharedPath1, pathLabel1);
546     check_path_label(sharedPath2, owner.generatePkgLabel());
547
548     Api::dropSharing(share1);
549     check_system_access(pathLabel1, false);
550     check_system_access(pathLabel2, false);
551     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
552     check_owner_access(owner.generateAppLabel(), pathLabel2, false);
553     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel1, false, false);
554     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel2, false, false);
555     check_path_label(sharedPath1, owner.generatePkgLabel());
556     check_path_label(sharedPath2, owner.generatePkgLabel());
557     Api::uninstall(ownerReq);
558     for (size_t i = 1; i < helper.size(); i++) {
559         InstallRequest targetReq;
560         targetReq.setAppId(helper[i].getAppId());
561         targetReq.setPkgId(helper[i].getAppId());
562         Api::uninstall(targetReq);
563     }
564 }
565
566 RUNNER_TEST(security_manager_35_share_uninstall_target) {
567     std::vector<AppInstallHelper> helper {{"app35aa"}, {"app35bb"}};
568     auto &owner = helper[0];
569     auto &target = helper[1];
570
571     for (auto &e : helper) {
572         e.revokeRules();
573         e.createInstallDir();
574     }
575
576     owner.createPrivateDir();
577     owner.createSharedFile();
578     clearLabels(owner.getInstallDir());
579
580     InstallRequest ownerReq = createInstallReq(owner,
581                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
582     Api::install(ownerReq);
583
584     InstallRequest targetReq = createInstallReq(target);
585     Api::install(targetReq);
586
587     SharingRequest share1;
588     std::string sharedPath = owner.getSharedPath();
589     share1.setOwnerAppId(owner.getAppId());
590     share1.setTargetAppId(target.getAppId());
591     const char *path[] = {sharedPath.c_str()};
592     share1.addPaths(path, 1);
593     Api::applySharing(share1);
594
595     TestSecurityManagerDatabase db;
596     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
597     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
598
599     check_system_access(pathLabel1);
600     check_owner_access(owner.generateAppLabel(), pathLabel1);
601     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
602     check_path_label(sharedPath, pathLabel1);
603
604     Api::uninstall(targetReq);
605
606     check_system_access(pathLabel1, false);
607     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
608     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
609     check_path_label(sharedPath, owner.generatePkgLabel());
610
611     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
612     Api::uninstall(ownerReq);
613 }
614
615 RUNNER_TEST(security_manager_35_share_uninstall_owner) {
616     std::vector<AppInstallHelper> helper {{"app35aaa"}, {"app35bbb"}};
617     auto &owner = helper[0];
618     auto &target = helper[1];
619
620     for (auto &e : helper) {
621         e.revokeRules();
622         e.createInstallDir();
623     }
624
625     owner.createPrivateDir();
626     owner.createSharedFile();
627
628     clearLabels(owner.getInstallDir());
629
630     InstallRequest ownerReq = createInstallReq(owner,
631                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
632     Api::install(ownerReq);
633
634     InstallRequest targetReq = createInstallReq(target);
635     Api::install(targetReq);
636
637     SharingRequest share1;
638     std::string sharedPath = owner.getSharedPath();
639     share1.setOwnerAppId(owner.getAppId());
640     share1.setTargetAppId(target.getAppId());
641     const char *path[] = {sharedPath.c_str()};
642     share1.addPaths(path, 1);
643     Api::applySharing(share1);
644
645     TestSecurityManagerDatabase db;
646     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
647     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
648
649     check_system_access(pathLabel1);
650     check_owner_access(owner.generateAppLabel(), pathLabel1);
651     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
652     check_path_label(sharedPath, pathLabel1);
653
654     owner.removePaths();
655     Api::uninstall(ownerReq);
656
657     check_system_access(pathLabel1, false);
658     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
659     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
660
661     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
662     Api::uninstall(targetReq);
663 }
664
665 RUNNER_TEST(security_manager_36_share_pkg_owner_uninstall) {
666     std::vector<AppInstallHelper> helper {{"app36a", "pkg1"}, {"app36b", "pkg1"}, {"app36c", "pkg2"}};
667     auto &owner = helper[0];
668     auto &pkgApp = helper[1];
669     auto &target = helper[2];
670
671     for (auto &e : helper) {
672         e.revokeRules();
673         e.createInstallDir();
674     }
675
676     owner.createPrivateDir();
677     owner.createSharedFile();
678     clearLabels(owner.getInstallDir());
679
680     InstallRequest ownerReq = createInstallReq(owner,
681                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
682     Api::install(ownerReq);
683
684     InstallRequest pkgAppReq = createInstallReq(pkgApp);
685     Api::install(pkgAppReq);
686     InstallRequest targetReq = createInstallReq(target);
687     Api::install(targetReq);
688
689     SharingRequest share1;
690     std::string sharedPath = owner.getSharedPath();
691     share1.setOwnerAppId(owner.getAppId());
692     share1.setTargetAppId(target.getAppId());
693     const char *path[] = {sharedPath.c_str()};
694     share1.addPaths(path, 1);
695     Api::applySharing(share1);
696
697     TestSecurityManagerDatabase db;
698     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
699     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
700
701     check_system_access(pathLabel1);
702     check_owner_access(owner.generateAppLabel(), pathLabel1);
703     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
704     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
705     check_path_label(sharedPath, pathLabel1);
706
707     owner.removePaths();
708     Api::uninstall(ownerReq);
709
710     check_system_access(pathLabel1, false);
711     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
712     check_owner_access(pkgApp.generateAppLabel(), pathLabel1, false);
713     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
714
715     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
716     Api::uninstall(pkgAppReq);
717     Api::uninstall(targetReq);
718 }
719
720 RUNNER_TEST(security_manager_36_share_pkg_owner_drop) {
721     std::vector<AppInstallHelper> helper {{"app36aa", "pkg1"}, {"app36bb", "pkg1"}, {"app36cc", "pkg2"}};
722     auto &owner = helper[0];
723     auto &pkgApp = helper[1];
724     auto &target = helper[2];
725
726     for (auto &e : helper) {
727         e.revokeRules();
728         e.createInstallDir();
729     }
730
731     owner.createPrivateDir();
732     owner.createSharedFile();
733     clearLabels(owner.getInstallDir());
734
735     InstallRequest ownerReq = createInstallReq(owner,
736                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
737     Api::install(ownerReq);
738
739     InstallRequest pkgAppReq = createInstallReq(pkgApp);
740     Api::install(pkgAppReq);
741     InstallRequest targetReq = createInstallReq(target);
742     Api::install(targetReq);
743
744     SharingRequest share1;
745     std::string sharedPath = owner.getSharedPath();
746     share1.setOwnerAppId(owner.getAppId());
747     share1.setTargetAppId(target.getAppId());
748     const char *path[] = {sharedPath.c_str()};
749     share1.addPaths(path, 1);
750     Api::applySharing(share1);
751
752     TestSecurityManagerDatabase db;
753     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
754     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
755
756     check_system_access(pathLabel1);
757     check_owner_access(owner.generateAppLabel(), pathLabel1);
758     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
759     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
760     check_path_label(sharedPath, pathLabel1);
761
762     Api::dropSharing(share1);
763
764     check_system_access(pathLabel1, false);
765     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
766     check_owner_access(pkgApp.generateAppLabel(), pathLabel1, false);
767     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
768     check_path_label(sharedPath, owner.generatePkgLabel());
769
770     Api::uninstall(ownerReq);
771     Api::uninstall(pkgAppReq);
772     Api::uninstall(targetReq);
773 }
774
775 RUNNER_TEST(security_manager_36_share_pkg_target_uninstall) {
776     std::vector<AppInstallHelper> helper {{"app36aaa", "pkg1"}, {"app36bbb", "pkg1"}, {"app36ccc", "pkg2"}};
777     auto &owner = helper[0];
778     auto &pkgApp = helper[1];
779     auto &target = helper[2];
780
781     for (auto &e : helper) {
782         e.revokeRules();
783         e.createInstallDir();
784     }
785
786     owner.createPrivateDir();
787     owner.createSharedFile();
788     clearLabels(owner.getInstallDir());
789
790     InstallRequest ownerReq = createInstallReq(owner,
791                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
792     Api::install(ownerReq);
793
794     InstallRequest pkgAppReq = createInstallReq(pkgApp);
795     Api::install(pkgAppReq);
796     InstallRequest targetReq = createInstallReq(target);
797     Api::install(targetReq);
798
799     SharingRequest share1;
800     std::string sharedPath = owner.getSharedPath();
801     share1.setOwnerAppId(owner.getAppId());
802     share1.setTargetAppId(target.getAppId());
803     const char *path[] = {sharedPath.c_str()};
804     share1.addPaths(path, 1);
805     Api::applySharing(share1);
806
807     TestSecurityManagerDatabase db;
808     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
809     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
810
811     check_system_access(pathLabel1);
812     check_owner_access(owner.generateAppLabel(), pathLabel1);
813     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
814     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
815     check_path_label(sharedPath, pathLabel1);
816
817     Api::uninstall(targetReq);
818
819     check_system_access(pathLabel1, false);
820     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
821     check_owner_access(pkgApp.generateAppLabel(), pathLabel1, false);
822     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
823     check_path_label(sharedPath, owner.generatePkgLabel());
824
825     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
826
827     Api::uninstall(ownerReq);
828     Api::uninstall(pkgAppReq);
829 }
830
831 RUNNER_TEST(security_manager_37_pkg_double_share_target_uninstall) {
832     std::vector<AppInstallHelper> helper {{"app37a", "pkg1"}, {"app37b", "pkg1"}, {"app37c", "pkg2"}};
833     auto &owner = helper[0];
834     auto &pkgApp = helper[1];
835     auto &target = helper[2];
836
837     for (auto &e : helper) {
838         e.revokeRules();
839         e.createInstallDir();
840     }
841
842     owner.createPrivateDir();
843     owner.createSharedFile();
844     clearLabels(owner.getInstallDir());
845
846     InstallRequest ownerReq = createInstallReq(owner,
847                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
848     Api::install(ownerReq);
849
850     InstallRequest pkgAppReq = createInstallReq(pkgApp);
851     Api::install(pkgAppReq);
852     InstallRequest targetReq = createInstallReq(target);
853     Api::install(targetReq);
854
855     SharingRequest share1;
856     std::string sharedPath = owner.getSharedPath();
857     share1.setOwnerAppId(owner.getAppId());
858     share1.setTargetAppId(target.getAppId());
859     const char *path[] = {sharedPath.c_str()};
860     share1.addPaths(path, 1);
861     Api::applySharing(share1);
862
863     TestSecurityManagerDatabase db;
864     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
865     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
866
867     check_system_access(pathLabel1);
868     check_owner_access(owner.generateAppLabel(), pathLabel1);
869     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
870     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
871     check_path_label(sharedPath, pathLabel1);
872
873     Api::applySharing(share1);
874
875     check_system_access(pathLabel1);
876     check_owner_access(owner.generateAppLabel(), pathLabel1);
877     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
878     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
879     check_path_label(sharedPath, pathLabel1);
880
881     Api::uninstall(targetReq);
882
883     check_system_access(pathLabel1, false);
884     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
885     check_owner_access(pkgApp.generateAppLabel(), pathLabel1, false);
886     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
887     check_path_label(sharedPath, owner.generatePkgLabel());
888
889     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
890
891     Api::uninstall(ownerReq);
892     Api::uninstall(pkgAppReq);
893 }
894
895 RUNNER_TEST(security_manager_37_pkg_double_share_owner_uninstall) {
896     std::vector<AppInstallHelper> helper {{"app37aa", "pkg1"}, {"app37bb", "pkg1"}, {"app37cc", "pkg2"}};
897     auto &owner = helper[0];
898     auto &pkgApp = helper[1];
899     auto &target = helper[2];
900
901     for (auto &e : helper) {
902         e.revokeRules();
903         e.createInstallDir();
904     }
905
906     owner.createPrivateDir();
907     owner.createSharedFile();
908     clearLabels(owner.getInstallDir());
909
910     InstallRequest ownerReq = createInstallReq(owner,
911                                    {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
912     Api::install(ownerReq);
913
914     InstallRequest pkgAppReq = createInstallReq(pkgApp);
915     Api::install(pkgAppReq);
916     InstallRequest targetReq = createInstallReq(target);
917     Api::install(targetReq);
918
919     SharingRequest share1;
920     std::string sharedPath = owner.getSharedPath();
921     share1.setOwnerAppId(owner.getAppId());
922     share1.setTargetAppId(target.getAppId());
923     const char *path[] = {sharedPath.c_str()};
924     share1.addPaths(path, 1);
925     Api::applySharing(share1);
926
927     TestSecurityManagerDatabase db;
928     std::string pathLabel1 = db.get_path_label(sharedPath.c_str());
929     RUNNER_ASSERT_MSG(!pathLabel1.empty(), "Couldn't fetch path label from database for file " << sharedPath);
930
931     check_system_access(pathLabel1);
932     check_owner_access(owner.generateAppLabel(), pathLabel1);
933     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
934     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
935     check_path_label(sharedPath, pathLabel1);
936
937     Api::applySharing(share1);
938
939     check_system_access(pathLabel1);
940     check_owner_access(owner.generateAppLabel(), pathLabel1);
941     check_owner_access(pkgApp.generateAppLabel(), pathLabel1);
942     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1);
943     check_path_label(sharedPath, pathLabel1);
944
945     owner.removePaths();
946     Api::uninstall(ownerReq);
947
948     check_system_access(pathLabel1, false);
949     check_owner_access(owner.generateAppLabel(), pathLabel1, false);
950     check_owner_access(pkgApp.generateAppLabel(), pathLabel1, false);
951     check_target_access(owner.generatePkgLabel(), target.generateAppLabel(), pathLabel1, false, false);
952
953     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
954
955     Api::uninstall(targetReq);
956     Api::uninstall(pkgAppReq);
957 }
958
959 RUNNER_TEST(security_manager_38_share_one_with_two_uninstall_target)
960 {
961     std::vector<AppInstallHelper> helper {{"app38a"}, {"app38b"}, {"app38c"}};
962     auto &owner = helper[0];
963     auto &target1 = helper[1];
964     auto &target2 = helper[2];
965
966     // cleanup
967     for (auto &e : helper) {
968         e.revokeRules();
969         e.createInstallDir();
970     }
971     owner.createPrivateDir();
972     owner.createSharedFile();
973     clearLabels(owner.getInstallDir());
974
975     InstallRequest ownerReq = createInstallReq(owner,
976                                {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
977     Api::install(ownerReq);
978
979
980     InstallRequest targetReq1 = createInstallReq(target1);
981     Api::install(targetReq1);
982     InstallRequest targetReq2 = createInstallReq(target2);
983     Api::install(targetReq2);
984
985     SharingRequest share1, share2;
986     std::string sharedPath = owner.getSharedPath(0).c_str();
987     share1.setOwnerAppId(owner.getAppId());
988     share2.setOwnerAppId(owner.getAppId());
989     share1.setTargetAppId(target1.getAppId());
990     share2.setTargetAppId(target2.getAppId());
991
992     const char *path[] = {sharedPath.c_str()};
993     share1.addPaths(path, 1);
994     share2.addPaths(path, 1);
995
996     Api::applySharing(share1);
997     TestSecurityManagerDatabase db;
998     std::string pathLabel = db.get_path_label(sharedPath.c_str());
999     RUNNER_ASSERT_MSG(!pathLabel.empty(), "Couldn't fetch path label from database for file " << sharedPath);
1000
1001     check_system_access(pathLabel);
1002     check_owner_access(owner.generateAppLabel(), pathLabel);
1003     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
1004     check_path_label(sharedPath, pathLabel);
1005
1006     Api::applySharing(share2);
1007     check_system_access(pathLabel);
1008     check_owner_access(owner.generateAppLabel(), pathLabel);
1009     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
1010     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel);
1011     check_path_label(sharedPath, pathLabel);
1012
1013     Api::uninstall(targetReq1);
1014     check_system_access(pathLabel);
1015     check_owner_access(owner.generateAppLabel(), pathLabel);
1016     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel, false, false);
1017     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel);
1018     check_path_label(sharedPath, pathLabel);
1019
1020     Api::dropSharing(share2);
1021     check_system_access(pathLabel, false);
1022     check_owner_access(owner.generateAppLabel(), pathLabel, false);
1023     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel, false, false);
1024     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel, false, false);
1025     check_path_label(sharedPath, owner.generatePkgLabel());
1026
1027     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
1028     Api::uninstall(ownerReq);
1029     Api::uninstall(targetReq2);
1030 }
1031
1032 RUNNER_TEST(security_manager_38_share_one_with_two_uninstall_owner)
1033 {
1034     std::vector<AppInstallHelper> helper {{"app38aa"}, {"app38bb"}, {"app38cc"}};
1035     auto &owner = helper[0];
1036     auto &target1 = helper[1];
1037     auto &target2 = helper[2];
1038
1039     // cleanup
1040     for (auto &e : helper) {
1041         e.revokeRules();
1042         e.createInstallDir();
1043     }
1044     owner.createPrivateDir();
1045     owner.createSharedFile();
1046     clearLabels(owner.getInstallDir());
1047
1048     InstallRequest ownerReq = createInstallReq(owner,
1049                                {PathInfo{owner.getSharedPath(), SECURITY_MANAGER_PATH_RW}});
1050     Api::install(ownerReq);
1051
1052
1053     InstallRequest targetReq1 = createInstallReq(target1);
1054     Api::install(targetReq1);
1055     InstallRequest targetReq2 = createInstallReq(target2);
1056     Api::install(targetReq2);
1057
1058     SharingRequest share1, share2;
1059     std::string sharedPath = owner.getSharedPath(0).c_str();
1060     share1.setOwnerAppId(owner.getAppId());
1061     share2.setOwnerAppId(owner.getAppId());
1062     share1.setTargetAppId(target1.getAppId());
1063     share2.setTargetAppId(target2.getAppId());
1064
1065     const char *path[] = {sharedPath.c_str()};
1066     share1.addPaths(path, 1);
1067     share2.addPaths(path, 1);
1068
1069     Api::applySharing(share1);
1070     TestSecurityManagerDatabase db;
1071     std::string pathLabel = db.get_path_label(sharedPath.c_str());
1072     RUNNER_ASSERT_MSG(!pathLabel.empty(), "Couldn't fetch path label from database for file " << sharedPath);
1073
1074     check_system_access(pathLabel);
1075     check_owner_access(owner.generateAppLabel(), pathLabel);
1076     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
1077     check_path_label(sharedPath, pathLabel);
1078
1079     Api::applySharing(share2);
1080     check_system_access(pathLabel);
1081     check_owner_access(owner.generateAppLabel(), pathLabel);
1082     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel);
1083     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel);
1084     check_path_label(sharedPath, pathLabel);
1085
1086     owner.removePaths();
1087     Api::uninstall(ownerReq);
1088     check_system_access(pathLabel, false);
1089     check_owner_access(owner.generateAppLabel(), pathLabel,false);
1090     check_target_access(owner.generatePkgLabel(), target1.generateAppLabel(), pathLabel, false, false);
1091     check_target_access(owner.generatePkgLabel(), target2.generateAppLabel(), pathLabel, false, false);
1092
1093     Api::dropSharing(share1, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
1094     Api::dropSharing(share2, SECURITY_MANAGER_ERROR_APP_UNKNOWN);
1095     Api::uninstall(targetReq1);
1096     Api::uninstall(targetReq2);
1097 }
Domain: Security / Uncategorized;