If the security_manager_prepare_app_privacy() returns an error,
the launch request will be rejected.
Change-Id: Iaa4f1341ff684cef33cfeea35921fa3c017bce80
Signed-off-by: Hwankyu Jhun <h.jhun@samsung.com>
/* TODO : should be add to check permission in the kernel*/
setsid();
- /* SET PRIVILEGES*/
if (bundle_get_val(kb, AUL_K_PRIVACY_APPID) == NULL) {
+ /* CHECK PRIVACY */
+ ret = security_manager_prepare_app_privacy(appid);
+ if (ret != SECURITY_MANAGER_SUCCESS) {
+ _W("Launching %s has been prohibited", appid);
+ return PAD_ERR_REJECTED;
+ }
+
+ /* SET PRIVILEGES*/
ret = security_manager_prepare_app(appid);
if (ret != SECURITY_MANAGER_SUCCESS)
return PAD_ERR_REJECTED;
__preexec_run(pkg_type, appid, app_path);
- /* SET PRIVILEGES*/
SECURE_LOGD("[candidata] appid : %s / pkg_type : %s / app_path : %s",
appid, pkg_type, app_path);
+
+ /* CHECK PRIVACY */
+ ret = security_manager_prepare_app_privacy(appid);
+ if (ret != SECURITY_MANAGER_SUCCESS) {
+ _W("Launching %s has been prohibited", appid);
+ return -1;
+ }
+
+ /* SET PRIVILEGES*/
ret = security_manager_prepare_app(appid);
if (ret != SECURITY_MANAGER_SUCCESS) {
_D("fail to set privileges - " \