review.tizen.org Git - platform/framework/web/web-provider.git/commit

author	Yunchan Cho <yunchan.cho@samsung.com>
	Mon, 19 Aug 2013 06:56:12 +0000 (15:56 +0900)
committer	Soo-Hyun Choi <sh9.choi@samsung.com>
	Wed, 25 Sep 2013 09:07:11 +0000 (18:07 +0900)
commit	41c1cb2f445e9b24944a3ce3f3afe4093ab23639
tree	56ef5640fdf29626d00529d62ac1280a4f2bb1ba	tree \| snapshot
parent	0bea9b692f650667a1efab7b565fdb64ef899bb3	commit \| diff

Change smack label of spawned WebProcess/PluginProcess to proper one.

[Issue]    N/A
[Problem]  WebProcess/PluginProcess spawned from web-provider have so many smack permissions
[Cause]    There was no way to change proper smack label of spawned webkit processes.
           We had made web-provider have so many smack permissions, so that
           spawned webkit processes inherited the all permissions.
           This is dangerous on side of security of app resources.
[Solution] For resolving this, we have made WebProcess/PluginProcess change its smack label itself.
           this webkit patch does that (https://tizendev.org/gerrit/#/c/90502/)
           To request to change smack label to webkit, web-provider must set the following env variables.
           For WebProcess    : setenv("WEB_PROCESS_EXECUTABLE_PATH", "/path/to/webprocess/symlink", 1);
           For PluginProcess : setenv("PLUGIN_PROCESS_EXECUTABLE_PATH", "/paht/to/pluginprocess/symlink", 1);
           values of each env variable should be different per each web application.

Change-Id: Ifde0fd5555e4955aed9950a6d2a47c2d0b80a5a4

packaging/livebox.web-provider.spec		diff \| blob \| history
src/Plugin/AppBoxPlugin/AppBoxManager.cpp		diff \| blob \| history
src/Plugin/AppBoxPlugin/AppBoxManager.h		diff \| blob \| history
src/Plugin/AppBoxPlugin/CMakeLists.txt		diff \| blob \| history