Change local permissible file location to use UID rather than username 40/193140/6
authorTomasz Swierczek <t.swierczek@samsung.com>
Thu, 15 Nov 2018 06:22:26 +0000 (07:22 +0100)
committerTomasz Swierczek <t.swierczek@samsung.com>
Thu, 22 Nov 2018 15:16:52 +0000 (16:16 +0100)
This is a protection against possible malicious user names.

Change-Id: I4a254fc4f9976fd9bc85d9d4488ba0b49a039da7

policy/updates/update-policy-to-v8.sh [new file with mode: 0755]
src/common/permissible-set.cpp

diff --git a/policy/updates/update-policy-to-v8.sh b/policy/updates/update-policy-to-v8.sh
new file mode 100755 (executable)
index 0000000..242a477
--- /dev/null
@@ -0,0 +1,26 @@
+#!/bin/sh -e
+
+export PATH=/sbin:/usr/sbin:/bin:/usr/bin
+
+. /etc/tizen-platform.conf
+
+systemctl stop security-manager.service security-manager.socket
+
+temp_dir=`mktemp -d`
+
+for dir in "$TZ_SYS_VAR"/security-manager/*/
+do
+    user_name=`basename "$dir"`
+    if user_id=`id -u $user_name` 2>&1; then
+        mv "$dir" $temp_dir/$user_id
+    fi
+done
+
+for dir in $temp_dir/*/
+do
+    mv "$dir" "$TZ_SYS_VAR"/security-manager/
+done
+
+rmdir $temp_dir
+
+systemctl start security-manager.service security-manager.socket
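Review bot: The directory name is expanded unquoted in `id -u $user_name` and in `mv "$dir" $temp_dir/$user_id`, so a name containing whitespace, glob characters or a leading `-` is word-split, globbed or read as an option by the script that is meant to neutralise untrusted user names. Quoting both and ending option parsing closes that: `user_id=$(id -u -- "$user_name")` and `mv "$dir" "$temp_dir/$user_id"`. Separately, when nothing was migrated the second loop runs `mv` on the unexpanded pattern `$temp_dir/*/`, which fails under `sh -e` and exits before `systemctl start`, leaving the service stopped. Starting that loop body with `[ -d "$dir" ] || continue` avoids this.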
index 835f5f7..8a3056f 100644 (file)
@@ -88,7 +88,7 @@ std::string getPermissibleFileLocation(uid_t uid, int installationType)
             APPS_LABELS_FILE);
     else
         return tpc.ctxMakePath(TZ_SYS_VAR, SERVICE_NAME,
-            tpc.ctxGetEnv(TZ_USER_NAME), APPS_LABELS_FILE);
+            std::to_string(uid), APPS_LABELS_FILE);
 }
 
 static void markPermissibleFileValid(int fd, const std::string &nameFile, bool valid)
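Review bot: Nothing at the changed return in getPermissibleFileLocation records why the per-user path component is the numeric uid, so a later cleanup could reintroduce the name lookup. A one-line comment above the return would keep the rationale with the code, e.g. `// Path component is the numeric uid, never the user name: names are not trusted as path segments.` It would also help to note there that directories created under the old name-based layout are presumably only found once update-policy-to-v8.sh has renamed them. The function body begins outside this hunk.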