projects / platform / core / security / tef-optee_client.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1c5836e) | patch
Improve optee access control configuration 99/171999/2 accepted/tizen_5.0_unified accepted/tizen_5.5_unified accepted/tizen_5.5_unified_mobile_hotfix accepted/tizen_unified tizen tizen_5.0 tizen_5.5 tizen_5.5_mobile_hotfix tizen_5.5_tv accepted/tizen/5.0/unified/20181102.022153 accepted/tizen/5.5/unified/20191031.004224 accepted/tizen/5.5/unified/mobile/hotfix/20201027.091049 accepted/tizen/unified/20180412.140828 submit/tizen/20180412.070843 submit/tizen_5.0/20181101.000004 submit/tizen_5.5/20191031.000010 submit/tizen_5.5_mobile_hotfix/20201026.185104 tizen_5.5.m2_release
authorDariusz Michaluk <d.michaluk@samsung.com>
Thu, 8 Mar 2018 14:12:55 +0000 (15:12 +0100)
committerDariusz Michaluk <d.michaluk@samsung.com>
Mon, 12 Mar 2018 11:13:57 +0000 (12:13 +0100)
commit60fbeee6f89e2a61417033a854b3d2fdfc9f1a58
tree79cad503948fd1f33d08df0be54bdf1aba94a532tree | snapshot
parent1c5836e35aaa18655808224873632b1c62fe03b8commit | diff
Improve optee access control configuration

- drop optee supplicant daemon capabilities,
- run optee supplicant daemon under System::TEF Smack label,
- protect privileged device nodes with security_fw group and System::TEF Smack label.

Change-Id: Idda142be300c9db4d1ad79dda267e8ab051cedb9
packaging/tef-optee-client.spec diff | blob | history
systemd/90-teedaemon.rules.in [moved from systemd/90-teedaemon.rules with 62% similarity] diff | blob | history
systemd/CMakeLists.txt diff | blob | history
systemd/tef-optee.service.in diff | blob | history
Domain: Security / Trusted Execution Environment; Licenses: BSD-2-Clause;