review.tizen.org Git - platform/core/security/security-manager.git/commit

author	Rafal Krypa <r.krypa@samsung.com>
	Fri, 29 Apr 2016 17:44:12 +0000 (19:44 +0200)
committer	Rafal Krypa <r.krypa@samsung.com>
	Fri, 29 Apr 2016 17:46:17 +0000 (19:46 +0200)
commit	e5aaf17b1afbe7a8efb916325222d9fdbf1615e4
tree	329d8df61819d04ebdb5f4a2ee19e01cab25db46	tree \| snapshot
parent	31f77aea957f603c982f41acadf1023166fad509	commit \| diff

Don't check permissions on API calls in off-line mode

Off-line mode was introduced to be used during image creation, when no
services are running. It enables root to perform some security-manager
operations on the client side.

But in off-line mode not only security-manager isn't running. No services
run, including cynara service. When libsecurity-manager-client tries to
check whether the off-line mode user has access to proper privilege, it
fails because cynara_check() has no off-line mode.

Permission checking in such scenario isn't required. The user is already
checked for UID 0 and even if it gets away from that check, it wouldn't be
able to perform actual operations without being super user.

Change-Id: I087bbc6b29a702a445d4498b96a950ca1e919efd
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

src/client/client-offline.cpp		diff \| blob \| history
src/client/client-security-manager.cpp		diff \| blob \| history
src/client/include/client-offline.h		diff \| blob \| history
src/common/include/credentials.h		diff \| blob \| history
src/common/include/service_impl.h		diff \| blob \| history
src/common/service_impl.cpp		diff \| blob \| history