From: Hwankyu Jhun Date: Wed, 5 Apr 2017 00:01:27 +0000 (+0900) Subject: Check privacy before executing an application X-Git-Tag: accepted/tizen/unified/20170428.033044~5 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ec97ec0b1970a40bf1afa08c7efc3b3e52ab99a8;p=platform%2Fcore%2Fappfw%2Flaunchpad.git Check privacy before executing an application If the security_manager_prepare_app_privacy() returns an error, the launch request will be rejected. Change-Id: Iaa4f1341ff684cef33cfeea35921fa3c017bce80 Signed-off-by: Hwankyu Jhun --- diff --git a/src/launchpad.c b/src/launchpad.c index 5cf71de..fef9868 100755 --- a/src/launchpad.c +++ b/src/launchpad.c @@ -707,8 +707,15 @@ static int __prepare_exec(const char *appid, const char *app_path, /* TODO : should be add to check permission in the kernel*/ setsid(); - /* SET PRIVILEGES*/ if (bundle_get_val(kb, AUL_K_PRIVACY_APPID) == NULL) { + /* CHECK PRIVACY */ + ret = security_manager_prepare_app_privacy(appid); + if (ret != SECURITY_MANAGER_SUCCESS) { + _W("Launching %s has been prohibited", appid); + return PAD_ERR_REJECTED; + } + + /* SET PRIVILEGES*/ ret = security_manager_prepare_app(appid); if (ret != SECURITY_MANAGER_SUCCESS) return PAD_ERR_REJECTED; diff --git a/src/launchpad_lib.c b/src/launchpad_lib.c index 927046e..c73c4fd 100644 --- a/src/launchpad_lib.c +++ b/src/launchpad_lib.c @@ -67,9 +67,17 @@ static int __prepare_exec(const char *appid, const char *app_path, __preexec_run(pkg_type, appid, app_path); - /* SET PRIVILEGES*/ SECURE_LOGD("[candidata] appid : %s / pkg_type : %s / app_path : %s", appid, pkg_type, app_path); + + /* CHECK PRIVACY */ + ret = security_manager_prepare_app_privacy(appid); + if (ret != SECURITY_MANAGER_SUCCESS) { + _W("Launching %s has been prohibited", appid); + return -1; + } + + /* SET PRIVILEGES*/ ret = security_manager_prepare_app(appid); if (ret != SECURITY_MANAGER_SUCCESS) { _D("fail to set privileges - " \