projects / platform / core / security / libprivilege-control.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 31e945b)
Elimination of relative command paths ambiguity
authorRadoslaw Bartosiak <r.bartosiak@samsung.com>
Mon, 25 Nov 2013 17:42:49 +0000 (18:42 +0100)
committerKrzysztof Jackiewicz <k.jackiewicz@samsung.com>
Mon, 9 Dec 2013 19:38:05 +0000 (20:38 +0100)
[Issue#]       SSDWSSP-684

[Bug/Feature]  A security vulnerability to attacks fixed.

[Cause]        Malicious change of PATH variable might be used to an exploit (change of commands).

[Solution]     The correct PATH variable set in the script.

[Verification] Build, install and run tests.

Change-Id: I85753bfe4fdf8b5cb9fe7cab1caa5b88725a04a0

Conflicts:

smack_default_labeling

smack_default_labeling patch | blob | history

diff --git a/smack_default_labeling b/smack_default_labeling
index ee47733..fa39484 100644 (file)
--- a/smack_default_labeling
+++ b/smack_default_labeling
@@ -1,5 +1,5 @@
 #!/bin/sh
-
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
 DBSPACE=/opt/dbspace
 DBSPACE_RW=/opt/usr/dbspace
 APPS_DIR=/opt/apps
Domain: Security / Access Control;