projects / platform / core / security / security-config.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0369ed9)
Add User::Shell to onlycap list 19/89619/1
authorjooseong lee <jooseong.lee@samsung.com>
Mon, 26 Sep 2016 07:10:06 +0000 (16:10 +0900)
committerjooseong lee <jooseong.lee@samsung.com>
Mon, 26 Sep 2016 07:10:06 +0000 (16:10 +0900)
'User::Shell' is a new domain for only shell process.

* https://review.tizen.org/gerrit/#/c/89586/

Change-Id: Icfb489f375fc02395f69005105f8e84683676009
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
smack/onlycap patch | blob | history
smack/smack_default_labeling patch | blob | history

diff --git a/smack/onlycap b/smack/onlycap
index 4eb869b7d44cd554111675fc49773e59d09f0d51..fda25de53af1580d770e869c097c2526177e27c1 100644 (file)
--- a/smack/onlycap
+++ b/smack/onlycap
@@ -1 +1 @@
-System::Privileged
+User::Shell System::Privileged
diff --git a/smack/smack_default_labeling b/smack/smack_default_labeling
index 764e33d7a2c3a5c127992876ec65f8fd33d0542d..256cc6968b17f610adb890e32739fc68b43585a1 100644 (file)
--- a/smack/smack_default_labeling
+++ b/smack/smack_default_labeling
@@ -1,6 +1,7 @@
 #!/bin/bash
 
 PATH=/bin:/usr/bin:/sbin:/usr/sbin
+ONLYCAP_LIST="/etc/smack/onlycap"
 
 # check initial boot
 function check_init_boot
@@ -30,4 +31,4 @@ then
        set_smack_label
 fi
 
-echo "System::Privileged" > /sys/fs/smackfs/onlycap
+echo $(cat $ONLYCAP_LIST) > /sys/fs/smackfs/onlycap
Domain: Security / Access Control;