projects / platform / core / security / security-manager.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 581d0df) | patch
Implement permissible file integrity verification
authorFilip Skrzeczkowski <f.skrzeczkow@samsung.com>
Wed, 23 Aug 2023 13:01:00 +0000 (15:01 +0200)
committerTomasz Swierczek <t.swierczek@samsung.com>
Wed, 29 Nov 2023 10:07:23 +0000 (11:07 +0100)
commitb0af7f7ec35cf04eebbb768d3852fe4a81048761
tree56464d7faf5de0b35e874e7015185a4c1671b8a3tree | snapshot
parent581d0dfd29a485c286e7a3ff383bf89fddb7bfa8commit | diff
Implement permissible file integrity verification

Permissible files have a SHA-1 hash attached at the beginning.
Upon opening it is compared with a new hash calculated from the
file content in order to verify if the file's integrity is intact.
An error is thrown should the hashes differ. Files with no hash are
still supported but reading/updating the rules stored in them
will cause them to automatically switch to the new system.

Change-Id: I5ec379b58cc78e63bcde084ada43273237d61beb
src/client/client-label-monitor.cpp diff | blob | history
src/common/include/permissible-set.h diff | blob | history
src/common/permissible-set.cpp diff | blob | history
src/include/security-manager-types.h diff | blob | history
test/CMakeLists.txt diff | blob | history
test/test_permissible-set.cpp [new file with mode: 0644] blob
Domain: Security / Access Control;