[Service] Drop privilege of hybrid web app

The hybrid web app should have smack label "User::Pkg::$pkg_id::App::$app_id".

Tizen security reference:
https://wiki.tizen.org/Security:TizenSmackReferencePolicy#label_of_applications

Together with:
https://review.tizen.org/gerrit/250122

Change-Id: I63e386d949fef6665a8c7bd8b9d6dcba8f7c825f
Signed-off-by: Youngsoo Choi <kenshin.choi@samsung.com>

diff --git a/wrt_app/service/access_control_manager.ts b/wrt_app/service/access_control_manager.ts
index e3621a028b81201e2d8f1e5d76164be4c92c63ae..ae6883a71803a8c21ca057bd1505e32b94099bc1 100644 (file)
--- a/wrt_app/service/access_control_manager.ts
+++ b/wrt_app/service/access_control_manager.ts
@@ -21,8 +21,8 @@ function isNetworkModule(module: string) {
   return false;
 }
 
-export function initialize(packageId:string, permissions: string[]) {
-  wrt.security?.dropThreadPrivilege(packageId);
+export function initialize(packageId:string, appId:string, permissions: string[]) {
+  wrt.security?.dropThreadPrivilege(packageId, appId);
   let tizen = global.tizen;
   if (!permissions.includes("http://tizen.org/privilege/alarm")) {
     tizen.alarm.add =

diff --git a/wrt_app/service/device_api_router.ts b/wrt_app/service/device_api_router.ts
index f74f15eb0bcff05487d4f39e8c225d8657487ce4..fd5cf846deef6b68a550df8fb84ae65bfa9c58dd 100644 (file)
--- a/wrt_app/service/device_api_router.ts
+++ b/wrt_app/service/device_api_router.ts
@@ -204,7 +204,7 @@ export class DeviceAPIRouter {
   initAccessControlManager() {
     console.log(`permissions : ${this.permissions}`);
     const AccessControlManager = require('./access_control_manager');
-    AccessControlManager.initialize(this.packageId, this.permissions);
+    AccessControlManager.initialize(this.packageId, this.serviceId, this.permissions);
   }
 
   refineResolveFilename() {