#include <util/log.h>
#include <util/resource.h>
#include <util/thread.h>
+#include <util/privilege.h>
#include <monitor/request.h>
#include <monitor/monitor.h>
#include <sys/time.h>
#include <assert.h>
+#define PRIVILEGE_SYSTEMMONITOR "http://tizen.org/privilege/systemmonitor"
+
#define PENDING_MAX 3
#define REQUEST_SERVER_PORT 10001
goto error_out_close;
}
+ if (!is_privilege_supported(new_socket, PRIVILEGE_SYSTEMMONITOR)) {
+ _E("privilige is not supported");
+ break;
+ }
+
create_request_client(new_socket);
}
#include <stdlib.h>
#include <cynara-client.h>
+#include <cynara-creds-socket.h>
#include <cynara-session.h>
#include <util/log.h>
extern char *program_invocation_name;
-bool is_privilege_supported(const char *privilege_name)
+bool is_privilege_supported(int sock_fd, const char *privilege_name)
{
cynara *cynara = NULL;
FILE *fp = NULL;
char uid[16];
char *session = NULL;
char smack_label[BUFF_MAX] = {0, };
+ char attr_path[BUFF_MAX] = {0, };
int ret;
+ pid_t pid;
if (cynara_initialize(&cynara, NULL) != CYNARA_API_SUCCESS) {
_E("failed to initialize cynara");
return false;
}
- fp = fopen("/proc/self/attr/current", "r");
+ if (cynara_creds_socket_get_pid(sock_fd, &pid) != CYNARA_API_SUCCESS) {
+ _E("failed to get pid via cynara");
+ return false;
+ }
+ snprintf(attr_path, BUFF_MAX, "/proc/%d/attr/current", pid);
+
+ fp = fopen(attr_path, "r");
if (fp != NULL) {
int ch = 0;
int idx = 0;
fclose(fp);
}
- pid_t pid = getpid();
+ _I("sock_fd(%d) pid(%d), smack_lable(%s)", sock_fd, pid, smack_label);
+
session = cynara_session_from_pid(pid);
snprintf(uid, 16, "%d", getuid());
uid[15] = '\0';
if (cynara)
cynara_finish(cynara);
if (ret != CYNARA_API_ACCESS_ALLOWED) {
- _E("'%s' privilege is not supported on %s",
- privilege_name, program_invocation_name);
+ _E("'%s' privilege is not supported on pid(%d)",
+ privilege_name, pid);
return false;
}
projects / platform / core / system / pass.git / commitdiff