BuildRequires: pkgconfig(openssl1.1)
BuildRequires: pkgconfig(mount)
BuildRequires: boost-devel
+BuildRequires: pkgconfig(libsessiond)
%if "%{build_type}" == "COVERAGE"
BuildRequires: lcov
%endif
#
-# Copyright (c) 2014-2020 Samsung Electronics Co., Ltd. All rights reserved.
+# Copyright (c) 2014-2022 Samsung Electronics Co., Ltd. All rights reserved.
#
# This file is licensed under the terms of MIT License or the Apache License
# Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
PKG_CHECK_MODULES(COMMON_DEP
REQUIRED
libcap
+ libsessiond
libsystemd
libsmack
sqlite3
/*
- * Copyright (c) 2016-2021 Samsung Electronics Co., Ltd. All rights reserved
+ * Copyright (c) 2016-2022 Samsung Electronics Co., Ltd. All rights reserved
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
return std::unique_ptr<T>(new typename std::remove_extent<T>::type[size]);
}
-
template <typename T>
static void vectorRemoveDuplicates(std::vector<T> &vec)
{
vec.erase(std::unique(vec.begin(), vec.end()), vec.end());
}
+template <size_t N>
+auto possiblyUnterminatedArrayToString(const char (&array)[N]) {
+ return std::string(array, strnlen(array, N));
+}
+
} /* namespace SecurityManager */
template <class...T>
/*
- * Copyright (c) 2019-2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2019-2022 Samsung Electronics Co., Ltd. All rights reserved.
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
#include <dpl/errno_string.h>
#include "config.h"
+#include "sessiond.h"
#include "tzplatform-config.h"
#include "utils.h"
legalPkgDirs.push_back(std::move(sharedROPath));
}
+ if (SM_APP_INSTALL_LOCAL == installType) {
+ subsession_user_t *userList = nullptr;
+ int userCount;
+
+ if (SUBSESSION_ERROR_NONE != subsession_get_user_list(uid, &userList, &userCount)) {
+ LogError("Can't determine list of users for session");
+ return SECURITY_MANAGER_ERROR_UNKNOWN;
+ }
+
+ const auto userListGuard = makeUnique(userList, free);
+ const auto allowedLocalPath = homePath + "subsession/";
+
+ for (int i = 0; i < userCount; i++) {
+ std::string newPath = allowedLocalPath
+ + possiblyUnterminatedArrayToString(userList[i]) + "/apps_rw/" + pkgName;
+ LogDebug("Adding new allowed path: " << newPath);
+ legalPkgDirs.emplace_back(std::move(newPath));
+ }
+ }
+
return SECURITY_MANAGER_SUCCESS;
}
#
-# Copyright (c) 2016-2020 Samsung Electronics Co., Ltd. All rights reserved.
+# Copyright (c) 2016-2022 Samsung Electronics Co., Ltd. All rights reserved.
#
# This file is licensed under the terms of MIT License or the Apache License
# Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
PKG_CHECK_MODULES(COMMON_DEP REQUIRED
libtzplatform-config
+ libsessiond
libsystemd
libsmack
sqlite3
/*
- * Copyright (c) 2020 Samsung Electronics Co., Ltd. All rights reserved.
+ * Copyright (c) 2020-2022 Samsung Electronics Co., Ltd. All rights reserved.
*
* This file is licensed under the terms of MIT License or the Apache License
* Version 2.0 of your choice. See the LICENSE.MIT file for MIT license details.
BOOST_REQUIRE_NO_THROW(Exception::DisplayUnknownException());
}
+POSITIVE_TEST_CASE(T293_possiblyUnterminatedArrayToString)
+{
+ char a[] = {'k', 'o', 't', 'a'};
+ BOOST_REQUIRE_EQUAL("kota", possiblyUnterminatedArrayToString(a));
+ a[3] = '\0';
+ BOOST_REQUIRE_EQUAL("kot", possiblyUnterminatedArrayToString(a));
+ a[2] = '\0';
+ BOOST_REQUIRE_EQUAL("ko", possiblyUnterminatedArrayToString(a));
+ a[1] = '\0';
+ BOOST_REQUIRE_EQUAL("k", possiblyUnterminatedArrayToString(a));
+ a[0] = '\0';
+ BOOST_REQUIRE_EQUAL("", possiblyUnterminatedArrayToString(a));
+}
+
BOOST_AUTO_TEST_SUITE_END()