projects / platform / core / system / pass.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ec84e1a)
pass: Change permission from root to 'system_fw' uid/gid
authorChanwoo Choi <cw00.choi@samsung.com>
Thu, 15 Jun 2017 10:00:56 +0000 (19:00 +0900)
committerChanwoo Choi <cw00.choi@samsung.com>
Mon, 19 Jun 2017 04:39:45 +0000 (13:39 +0900)
This patch changes the permission from root to 'system_fw' uid/gid for PASS.
Basically, Tizen has the policy to reduce the number of root daemon
to protect the security issues. If PASS has the system_fw uid, it is enough
to handle the h/w resources.

Change-Id: I48aef3da083b6f1f4160ed166fdad89293acc5b6
Signed-off-by: Chanwoo Choi <cw00.choi@samsung.com>
systemd/pass.service patch | blob | history

diff --git a/systemd/pass.service b/systemd/pass.service
index 070f30d..35e0578 100644 (file)
--- a/systemd/pass.service
+++ b/systemd/pass.service
@@ -1,12 +1,14 @@
 [Unit]
-Description=System device daemon
+Description=PASS daemon
 
 [Service]
-SmackProcessLabel=System::Privileged
+SmackProcessLabel=System
 ExecStart=/usr/bin/pass
 Restart=always
 RestartSec=0
 KillSignal=SIGUSR1
+User=system_fw
+Group=system_fw
 
 [Install]
 WantedBy=multi-user.target
Domain: System / Kernel; Licenses: Apache-2.0;