projects / platform / core / system / storaged.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 60abf69)
block: Change external storage permission to 777 24/196324/1
authorpr.jung <pr.jung@samsung.com>
Tue, 13 Mar 2018 10:47:02 +0000 (19:47 +0900)
committerpr.jung <pr.jung@samsung.com>
Thu, 27 Dec 2018 06:24:58 +0000 (15:24 +0900)
- Directory permission is 777, uid is root groupid is priv_externalstorage
- security-manager will handle access control for external storage
- When externalstorage privilege is configured as privacy,
security framework will enforce this privilege with different mechanism - per-application mount namespace.
In such case mount options must be different to allow all users and groups access to mount point.
If an application is not supposed to have access to externalstorage,
security-manager will mount a special directory over sdcard mount point.
In such case access control is no longer based on GID,
so mount options must allow application access regardless of its groups.

Change-Id: I1582d3afd70354cc81d7142fee4c9edf4c94ef30
Signed-off-by: pr.jung <pr.jung@samsung.com>
src/block/mmc-smack-label patch | blob | history
src/block/vfat.c patch | blob | history

diff --git a/src/block/mmc-smack-label b/src/block/mmc-smack-label
index c20675854e55d12af53b12027de33bd2009b7d1b..70337cc50e02be41a3627333df11f31dfaf89d5e 100755 (executable)
--- a/src/block/mmc-smack-label
+++ b/src/block/mmc-smack-label
@@ -6,7 +6,7 @@ source /etc/tizen-platform.conf
 MOUNT_DIRECTORY=$1
 find $MOUNT_DIRECTORY -type d | xargs chsmack -a '*' -t
 find $MOUNT_DIRECTORY -type f | xargs chsmack -a '*'
-find $MOUNT_DIRECTORY -type d | xargs chmod 770
+find $MOUNT_DIRECTORY -type d | xargs chmod 777
 find $MOUNT_DIRECTORY -type f | xargs chmod 660
 find $MOUNT_DIRECTORY -type d | xargs chown root:priv_externalstorage
 find $MOUNT_DIRECTORY -type f | xargs chown root:priv_externalstorage
diff --git a/src/block/vfat.c b/src/block/vfat.c
index d66ef0f374b076875b1ad35b028da4d77c08b00e..488cb39b93fedc91d8be9eccb85d1234a2f8f8ab 100644 (file)
--- a/src/block/vfat.c
+++ b/src/block/vfat.c
@@ -32,7 +32,7 @@
 #define FS_VFAT_NAME   "mkdosfs"
 
 /* guid 10001 - group priv_externalstorage */
-#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0007,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
+#define FS_VFAT_MOUNT_OPT  "uid=0,gid=10001,dmask=0000,fmask=0117,iocharset=iso8859-1,utf8,shortname=mixed"
 
 static const char *vfat_arg[] = {
        "/usr/bin/newfs_msdos",
Domain: System / System Framework;