namespace SecurityServer {
-AccessProvider::AccessProvider(const std::string &mySubject)
- : m_mySubject(mySubject)
+AccessProvider::AccessProvider(const std::string &myLabel)
+ : m_myLabel(myLabel)
{}
void AccessProvider::allowSS() {
- m_smackAccess.add(m_mySubject, "System::Run", "x");
+ m_smackAccess.add(m_myLabel, "System::Run", "x");
+}
+
+void AccessProvider::addSubjectRule(const std::string &subject, const std::string &rule) {
+ m_smackAccess.add(subject, m_myLabel, rule);
}
void AccessProvider::addObjectRule(const std::string &object, const std::string &rule) {
- m_smackAccess.add(m_mySubject, object, rule);
+ m_smackAccess.add(m_myLabel, object, rule);
}
void AccessProvider::apply() {
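Review bot: The new `addSubjectRule` and the existing `addObjectRule` differ only in which side of `m_smackAccess.add` receives `m_myLabel`, and nothing at the definition states which direction of access each one grants. A call to the wrong method would still compile and would install a rule in the opposite direction, which is easy to miss in a test that expects access to be denied. I would put a one-line comment above each definition, for example `// Grants 'subject' the access in 'rule' to this provider's label (label is the object).` above `addSubjectRule` and `// Grants this provider's label the access in 'rule' to 'object' (label is the subject).` above `addObjectRule`.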
}
void AccessProvider::applyAndSwithToUser(int uid, int gid) {
- RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_mySubject.c_str()),
- "Error in smack_revoke_subject(" << m_mySubject << ")");
+ RUNNER_ASSERT_MSG(0 == smack_revoke_subject(m_myLabel.c_str()),
+ "Error in smack_revoke_subject(" << m_myLabel << ")");
apply();
- RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_mySubject.c_str()),
+ RUNNER_ASSERT_MSG(0 == smack_set_label_for_self(m_myLabel.c_str()),
"Error in smack_set_label_for_self.");
RUNNER_ASSERT_MSG(0 == setgid(gid),
"Error in setgid.");
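Review bot: The `smack_revoke_subject(m_myLabel.c_str())` call at the top of `applyAndSwithToUser` clears only rules in which this label is the subject. The rules that the new `addSubjectRule` creates have this label as the object, so this call does not remove them. Unless they are cleaned up somewhere outside this hunk, a rule left by an earlier run could still grant another subject access to this label and skew a later negative test. Consider recording the subjects passed to `addSubjectRule` and removing those specific rules during teardown. At minimum, document the gap beside the revoke: `// Revokes only rules with m_myLabel as subject; rules added via addSubjectRule() are not cleared here.` The body of the function continues past the end of this hunk.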
class AccessProvider {
public:
- AccessProvider(const std::string &mySubject);
+ AccessProvider(const std::string &myLabel);
AccessProvider(const AccessProvider &second) = delete;
AccessProvider& operator=(const AccessProvider &second) = delete;
+ void addSubjectRule(const std::string &subject, const std::string &rule);
void addObjectRule(const std::string &object, const std::string &rule);
void allowSS();
void apply();
virtual ~AccessProvider(){}
private:
- std::string m_mySubject;
+ std::string m_myLabel;;
SmackAccess m_smackAccess;
};
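Review bot: The renamed member is declared as `std::string m_myLabel;;`, and the second semicolon is a stray empty declaration that pedantic builds warn about; it should read `std::string m_myLabel;`. While the constructor line is being touched, the single-argument constructor could also be declared `explicit AccessProvider(const std::string &myLabel);` so that a plain string is never silently converted into an object that manages Smack rules.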