From: Jeesun Kim <iamjs.kim@samsung.com>
Date: Wed, 21 Sep 2016 00:47:55 +0000 (+0900)
Subject: change db file path for security
X-Git-Tag: accepted/tizen/common/20160921.161902^0
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=665eea3124c5bc7d48abf5c47091c328fa11cb98;p=platform%2Fcore%2Fpim%2Fcalendar-service.git

change db file path for security

Change-Id: I1a219b91061c514d703cd50eefbba37ac9f4e7e3
---

diff --git a/packaging/calendar-service.spec b/packaging/calendar-service.spec
index 9e39c4c..9d4797d 100644
--- a/packaging/calendar-service.spec
+++ b/packaging/calendar-service.spec
@@ -1,6 +1,6 @@
 Name:       calendar-service
 Summary:    DB library for calendar
-Version:    0.1.169
+Version:    0.1.170
 Release:    1
 Group:      System/Libraries
 License:    Apache-2.0
diff --git a/scripts/calendar-service-upgrade-24to30.sh b/scripts/calendar-service-upgrade-24to30.sh
index 23fa39d..2c82f6f 100644
--- a/scripts/calendar-service-upgrade-24to30.sh
+++ b/scripts/calendar-service-upgrade-24to30.sh
@@ -8,7 +8,7 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin
 # DB ---------------------------------------------#
 # Macro
 DB_DIR_24=/opt/usr/dbspace
-DB_DIR_30=/opt/usr/home/owner/.applications/dbspace
+DB_DIR_30=/opt/usr/home/owner/.applications/dbspace/privacy
 
 DB_FILE_24=$DB_DIR_24/.calendar-svc.db
 DB_FILE_30=$DB_DIR_30/.calendar-service.db
@@ -22,7 +22,7 @@ rm $DB_FILE_24-journal
 
 # Set permission
 chown owner:users $DB_FILE_30
-chsmack -a User::Home $DB_FILE_30
+chsmack -a User $DB_FILE_30
 
 # Data -------------------------------------------#
 # Macro
diff --git a/server/cal_server.c b/server/cal_server.c
index 0aff76c..6530201 100644
--- a/server/cal_server.c
+++ b/server/cal_server.c
@@ -125,7 +125,7 @@ static void _cal_server_set_directory_permission(const char* file, mode_t mode)
 
 static void _cal_server_create_file(void)
 {
-	_cal_server_create_directory(DATA_PATH, 0775);
+	_cal_server_create_directory(TZ_DATA_PATH, 0775);
 	_cal_server_create_directory(CAL_DATA_PATH, 0775);
 
 	_cal_server_set_directory_permission(CAL_NOTI_FILE_BOOK, 0660);
diff --git a/server/cal_server_schema.c b/server/cal_server_schema.c
index ee18afe..689c6e1 100644
--- a/server/cal_server_schema.c
+++ b/server/cal_server_schema.c
@@ -29,16 +29,13 @@
 #include "cal_db.h"
 #include "schema.h"
 
-static inline int __remake_db_file(char* db_path)
+static inline int __remake_db_file(void)
 {
 	int ret;
 	char *errmsg;
 	sqlite3 *db;
-	char db_file[CAL_STR_MIDDLE_LEN] = {0};
 
-	snprintf(db_file, sizeof(db_file), "%s/%s", db_path ? db_path : DB_PATH, CALS_DB_NAME);
-
-	ret = db_util_open(db_file, &db, 0);
+	ret = db_util_open(CAL_DB_FILE, &db, 0);
 	if (SQLITE_OK != ret) {
 		/* LCOV_EXCL_START */
 		ERR("db_util_open() Fail(%d) ", ret);
@@ -59,17 +56,13 @@ static inline int __remake_db_file(char* db_path)
 	return 0;
 }
 
-static inline int __check_db_file(char* db_path)
+static inline int __check_db_file(void)
 {
 	int fd = -1;
-	char db_file[CAL_STR_MIDDLE_LEN] = {0,};
-	snprintf(db_file, sizeof(db_file), "%s/%s", db_path ? db_path : DB_PATH, CALS_DB_NAME);
-	DBG("[%s]", db_file);
-
-	fd = open(db_file, O_RDONLY);
+	fd = open(CAL_DB_FILE, O_RDONLY);
 	if (fd < 0) {
 		/* LCOV_EXCL_START */
-		ERR("DB file(%s) is not exist(err:%d) ", db_file, fd);
+		ERR("DB file(%s) is not exist(err:%d) ", CAL_DB_FILE, fd);
 		return -1;
 		/* LCOV_EXCL_STOP */
 	}
@@ -79,7 +72,7 @@ static inline int __check_db_file(char* db_path)
 
 int cal_server_schema_check(void)
 {
-	if (__check_db_file(NULL))
-		__remake_db_file(NULL);
+	if (__check_db_file())
+		__remake_db_file();
 	return 0;
 }
diff --git a/server/cal_server_update.c b/server/cal_server_update.c
index 97d4f7e..ec0b14d 100644
--- a/server/cal_server_update.c
+++ b/server/cal_server_update.c
@@ -62,11 +62,9 @@ int cal_server_update(void)
 	sqlite3 *__db;
 	char query[CAL_DB_SQL_MAX_LEN] = {0};
 
-	char db_file[CAL_STR_MIDDLE_LEN] = {0};
-	snprintf(db_file, sizeof(db_file), "%s/%s", DB_PATH, CALS_DB_NAME);
-	ret = db_util_open(db_file, &__db, 0);
+	ret = db_util_open(CAL_DB_FILE, &__db, 0);
 	if (SQLITE_OK != ret) {
-		ERR("db_util_open() fail(%d):[%s]", ret, db_file);
+		ERR("db_util_open() fail(%d):[%s]", ret, CAL_DB_FILE);
 		return CALENDAR_ERROR_DB_FAILED;
 	}
 	_cal_server_update_get_db_version(__db, &old_version);
@@ -76,7 +74,7 @@ int cal_server_update(void)
 		return CALENDAR_ERROR_NONE;
 	}
 
-	DBG("[%s] old version(%d)", db_file, old_version);
+	DBG("[%s] old version(%d)", CAL_DB_FILE, old_version);
 	if (old_version < 100) {
 		/* ----------------------- start modified 2013/08/22
 		 * added attendee_table(cutype, delegatee_uri, member), alarm_table(summary, action, attach).
diff --git a/server/db/cal_db.h b/server/db/cal_db.h
index 14ba810..2599eaf 100644
--- a/server/db/cal_db.h
+++ b/server/db/cal_db.h
@@ -24,11 +24,9 @@
 #include "calendar_view.h"
 #include "calendar_list.h"
 
-#define CALS_DB_NAME ".calendar-service.db"
-#define DB_PATH tzplatform_getenv(TZ_USER_DB)
-#define DATA_PATH tzplatform_getenv(TZ_USER_DATA)
-#define CAL_DB_FILE tzplatform_mkpath(TZ_USER_DB, ".calendar-service.db")
+#define TZ_DATA_PATH  tzplatform_getenv(TZ_USER_DATA)
 #define CAL_DATA_PATH tzplatform_mkpath(TZ_USER_DATA, "calendar-service")
+#define CAL_DB_FILE tzplatform_mkpath(TZ_USER_DB, "privacy/.calendar-service.db")
 
 /* For Security */
 #define CAL_SECURITY_FILE_GROUP 5000
diff --git a/server/db/cal_db_util.c b/server/db/cal_db_util.c
index 44699f5..a2472c2 100644
--- a/server/db/cal_db_util.c
+++ b/server/db/cal_db_util.c
@@ -139,12 +139,6 @@ int cal_db_util_open(void)
 	if (cal_db)
 		return CALENDAR_ERROR_NONE;
 
-	if (-1 == access(DB_PATH, F_OK))
-		mkdir(DB_PATH, 755);
-
-	if (-1 == access(CAL_DB_FILE, F_OK))
-		mkdir(DB_PATH, 755);
-
 	int ret = 0;
 	ret = db_util_open(CAL_DB_FILE, &cal_db, 0);
 	if (SQLITE_OK != ret) {