Yunjin Lee [Mon, 22 Jan 2018 07:19:24 +0000 (16:19 +0900)]
Integrate privilege DBs
- Integrate privilege DBs into one: (old) core_privilege_info.db,
core_privilege_mapping.db, wrt_privilege_info.db, and
wrt_privilege_mapping.db into (new) privilege.db
- Use sqlite csv import function instead of parsing csv file.
It cuts down required time for rpm build.
- privilege_info table contains core/wrt privilege definition.
- privilege_mapping table contains core/wrt privilege mapping
information.
- privacy_privilege_info.csv file contains privacy privilege of each
profile. We can handle privacy privileges according to the profile.
(For example, privilege A can be a privacy privilege in profile 'mobile' and
non-privacy privilege in profile 'tv')
- Modified DB queries accordingly.
- Update release version.
- TODO: remove profile and version from privilege information except
default privilege mapping.
Change-Id: Ie14e92092aadc81734d7082e4bb67be26a9cdf84
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 5 Jan 2018 06:26:36 +0000 (15:26 +0900)]
Add web privilege: externalstorage/mediastorage
- Decided to treat storage related privilegs as privacy from 4.0 and web doesn't
have such a privilege
- Add storage privileges and remove it from original mapping from 4.0
Change-Id: I64192b1a0574fecb511369af0bf2dbc3168a74e1
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 21 Nov 2017 05:57:43 +0000 (14:57 +0900)]
Add storage privacy
- Add storage privacy: http://tizen.org/privacy/storage
- Add http://tizen.org/privilege/externalstorage and
http://tizen.org/privilege/mediastorage to storage privacy
Change-Id: I17531580916fb95251daca1ea2cfea245dd63bb1
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 3 Jan 2018 01:43:43 +0000 (10:43 +0900)]
Add core privilege: devicecertificate
Change-Id: Ic5ca994527c94cb932f591d8987afef998b5317a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 13 Dec 2017 01:44:10 +0000 (10:44 +0900)]
Fix syntax error in mdm query
Change-Id: I2a0b508df8498d6bbce1d67ff3381042ec4dfb43
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Nov 2017 09:34:02 +0000 (18:34 +0900)]
Get global app user ID from config file when updating policy DB
Change-Id: Iedee971096ca536e8e227ce590171d8b5f3b7957
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Nov 2017 09:32:13 +0000 (18:32 +0900)]
Modify privacy DB to store user settable privacy packages only
Change-Id: I079c245ed5e0248e78810ec7909b8044f4f7056d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 15 Nov 2017 01:51:32 +0000 (10:51 +0900)]
Add web tee.client privilege for all profile
Change-Id: I2b51276820979cdc6cf307c0013e958a089aaa23
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 26 Oct 2017 07:03:06 +0000 (16:03 +0900)]
Update privacy white list
Change-Id: I41ede1fedea5e467ab701bb529c33e2abd3735d8
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 25 Oct 2017 02:12:33 +0000 (11:12 +0900)]
Fix api-version comparison bug
- 4.0 is greater than 4 in sqlite query.
To handle api-version 4 properly, fix the number to compare to 4 from 4.0.
Change-Id: Id07d7afe37c6fcacb9e13b2f7d8bba7941385d72
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 25 Oct 2017 02:07:59 +0000 (02:07 +0000)]
Revert "Do not return privilege type privacy for web app"
- Privacy privilege manager Web device API will be supported.
This reverts commit
240edda34e40e2ad20b1dccc478143533780ac00.
Change-Id: I3ab7cb16b767cdcef0909a969713f3c6227882fe
Yunjin Lee [Mon, 23 Oct 2017 06:00:38 +0000 (15:00 +0900)]
Do not return privilege type privacy for web app
- From 4.0, developer should use privacy-privilege-manager APIs to request privacy privileges. Currently, ppm APIs are supported for native and C# applications but no web device APIs, yet. Hence, allow web applications to get privacy privileges without privacy request popups.
Change-Id: I33941aaf684a1a72d0b0c46351f10edc9bc29f01
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 19 Oct 2017 05:35:23 +0000 (14:35 +0900)]
Add DID of peripheralio privilege
Change-Id: Ib93f32360eab5d57347d76bfc1de55f18cc1d239
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 17 Oct 2017 03:03:56 +0000 (12:03 +0900)]
Change core privilege level from public to partner: blocknumber.read and blocknumber.write
Change-Id: I64adde1ba7d6ce342fb84516e3befc9dee68a759
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 16 Oct 2017 02:32:53 +0000 (11:32 +0900)]
Update language files: peripheralio
Change-Id: I4cdf5708e429ea23f1c395a08d88f178bf64e96b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 28 Sep 2017 07:14:51 +0000 (16:14 +0900)]
Add core privilege: peripheralio
- privilege required to communicate with peripherals
Change-Id: I60584dd8d70c445b04dd4c1c5ac633e1a61c32e6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Sep 2017 10:16:31 +0000 (19:16 +0900)]
Remove core/web privilege from all profile: d2d.datasharing
Change-Id: I45a7c0eef59085f34dcb390ba7abcd566e9d7e37
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Sep 2017 07:57:50 +0000 (16:57 +0900)]
Fix memory leak
Change-Id: I501ffe0d0588a383496c7ca126d5627ee3ed40bd
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Sep 2017 07:37:31 +0000 (16:37 +0900)]
Remove redundant value is_privacy_requestable from privacy_package table
Change-Id: I85ea9024671aef27b2cdb08748d1bb4c25f22873
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 19 Sep 2017 04:27:16 +0000 (13:27 +0900)]
Add web privileges : appmanager.launch, datasharing
Change-Id: Idc2effd1ff016304f36b37de28561e5fcfacec45
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 18 Sep 2017 08:19:25 +0000 (17:19 +0900)]
Modify mapping table for internal appdebugging privilege
- Add internal appdebugging privilege itself as mapped privilege
Change-Id: I1c8065b8025c7ee28c2af57144b1a6a0c20dcd28
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 15 Sep 2017 06:10:39 +0000 (15:10 +0900)]
Remove api-version check from privilege verification
- Check certificate signature level iff the privilege exists.
- Do not return error for not exist/deprecated privilege.
- Return PRVMGR_ERR_INVALID_PRIVILEGE for internal privileges.
Change-Id: If7cd242acbd9a070a983f747959f22f0711bd7df
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 13 Sep 2017 02:07:15 +0000 (11:07 +0900)]
Apply tizen coding rule
Change-Id: Iafc8ee13e7f2cdc1c82a74056b9fd7baa4b0d365
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 12 Sep 2017 10:48:08 +0000 (19:48 +0900)]
Remove unnecessary logs
Change-Id: Iefbabc9a173cc007f5ecfab9c2186a0bdd6f0e39
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 11 Sep 2017 02:05:16 +0000 (11:05 +0900)]
Add core privilege for wearable profile: apphistory.read
Change-Id: Ie46b1e42673f0346f4b05719e46187e97f6c3c6a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 8 Sep 2017 06:52:39 +0000 (15:52 +0900)]
Update language files
Change-Id: Ibed8e8495f13da59874c8de0e0a6fd8a56be864b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 5 Sep 2017 11:03:24 +0000 (20:03 +0900)]
Modify privacy package APIs to handle global app case
- When an application is installed/uninstalled/updated by owner(admin user),
uid 376(TZ_SYS_GLOBALAPP_USER) is passed.
Current privacy package APIs can handle only local apps so
modify them to handle global app case.
Change-Id: Ib912fad803b54521ada675ea7d2f1aa180a3785a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 23 Aug 2017 02:47:09 +0000 (11:47 +0900)]
Remove DISABLE_ASKUSER check from where it is not required
- privilege_db_manager_is_user_settable() works according to the predefined privacy whitelist and DISABLE_ASKUSER should not affect on it.
Change-Id: Ieec2a2926abec4152555ffad8bb63b924bd0597c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 24 Jul 2017 04:47:46 +0000 (13:47 +0900)]
Add core privilege gestureactivation and gesturegrab for mobile and wearable profile
Change-Id: I5524ad0f728567d7254c8b5e011e8f10a02c5e7c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 20 Jul 2017 06:56:26 +0000 (15:56 +0900)]
Do not return privilege type privacy for apps with api-version lower than 4.0
- Privacy request API is available since Tizen 4.0
so apps with lower api-version can not request privacy at runtime.
Therefore modify privilege_info_get_privilege_type() not to return
PRIVILEGE_MANAGER_PRIVILEGE_TYPE_PRIVACY for apps
with api-version lower than 4.0.
Change-Id: I1660fa25ce26a08b1537fda9387e8568eec56865
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 14 Jun 2017 06:23:26 +0000 (15:23 +0900)]
Add privacy DB
- Add privacy DB to store privacy package info
- Remove redundant build: No need to build policy DB for each profile
Change-Id: Ib2f7550b9e7f0d7c8788d6a1bfcf1ebadc1b6581
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 10 Jul 2017 05:56:38 +0000 (05:56 +0000)]
Revert "Add web wifidirect privilege for mobile, wearable, and tv profile"
- Remove web wifidirect privilege from all profile due to the cancellation of the ACR
This reverts commit
464320e419e85efda5a3632cfead05e1163fd418.
Change-Id: Iee690d078edf1e9c3216525a3d0ec941a0a50a38
Yunjin Lee [Wed, 5 Jul 2017 11:14:39 +0000 (20:14 +0900)]
Remove duplicate 'const'
Change-Id: I4f79eb7c66ac1cdd27602108b5785f537a470d88
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 5 Jul 2017 08:35:58 +0000 (17:35 +0900)]
Add core privilege for mobile/wearable profile: blocknumber.read, blocknumber.write
Change-Id: Id6c4a359f772ab329a7f0883671a4c98ee2011a6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 13 Jun 2017 07:36:28 +0000 (16:36 +0900)]
Modify script to create policy db at FOTA upgrade
Change-Id: Ibc5f9275b42610cd750a332b4df13a1ddd7971ac
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 12 Jun 2017 08:14:36 +0000 (17:14 +0900)]
Revise privilege verification and remove legacy code
- Revise enum
- Revise privilege verification logic
- Remove APIs not used anymore
Change-Id: I441d8367324dd7a3ab7c57bbca7647adbbd30f57
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 30 Jun 2017 08:20:35 +0000 (17:20 +0900)]
Add web privileges for wearable profile: account.read, account.write, contact.read, and contact.write
Change-Id: I7cc78296d30323b5061cb66e180083cd2576de6a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 29 Jun 2017 05:17:24 +0000 (14:17 +0900)]
Add web wifidirect privilege for mobile, wearable, and tv profile
Change-Id: I7f56f2efb3b15d6bc5790dca573511ef0ed75946
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 20 Jun 2017 07:49:30 +0000 (16:49 +0900)]
Update privacy whitelist for wearable preloaded apps
Change-Id: Iaedaf0036172b392e59f4792f72afd93aea99382
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 8 Jun 2017 09:25:30 +0000 (18:25 +0900)]
Remove web bluetooth, d2d.datasharing privilege from tv profile
Change-Id: I0ca5573adfac77e8c42b122ce3d2d8afb45d1d01
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 8 Jun 2017 02:36:14 +0000 (11:36 +0900)]
Add web privilege for wearable profile: calendar.read, calendar.write
Change-Id: I3cb73482ae566c790e0b6ac094a7ca06a375cec4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 1 Jun 2017 04:05:33 +0000 (13:05 +0900)]
Update privacy white list for wearable preloaded apps
Change-Id: Ifd9ec24550c399299aabaf691ca1a927bf09150e
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Kim Kidong [Mon, 29 May 2017 08:01:35 +0000 (08:01 +0000)]
Merge "Revert "Deprecate wrt privilege: nfc.admin"" into tizen
Jin-gyu Kim [Mon, 29 May 2017 08:00:22 +0000 (08:00 +0000)]
Revert "Deprecate wrt privilege: nfc.admin"
This reverts commit
2a3da8b247b95724f38f24d108cf3e1f348defce.
Change-Id: I4ea61a1e04c830d606f3a8eacf7974fbdae8217c
Yunjin Lee [Wed, 24 May 2017 01:50:51 +0000 (10:50 +0900)]
Update privacy white list for preloaded apps
Change-Id: Ibb7b65d1892375894bba79ca3e83302c3c222efa
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 May 2017 07:04:49 +0000 (16:04 +0900)]
Add missing mapped privilege for wrt recorder
- Add http://tizen.org/privilege/internal/buxton/camcorder
Change-Id: I7da513f9165114db83fc11c4aa74e4089977864d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 May 2017 05:34:18 +0000 (14:34 +0900)]
Add wrt privilege: recorder
Change-Id: I51b856bc43546b0e4d4c4007b753972e3699f026
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 19 May 2017 08:23:43 +0000 (17:23 +0900)]
Add core privilege: zigbee, zigbee.admin
Change-Id: Idf8c7f3f7efb4937b9ddcb18b2e6fceb05bc00a5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 19 May 2017 06:52:56 +0000 (15:52 +0900)]
Deprecate wrt privilege: nfc.admin
Change-Id: I9a279d8a5c3deb80c4e7f487dd87d0195791a7f1
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 18 May 2017 10:59:55 +0000 (19:59 +0900)]
Add core privilege: tee.client
- Add core privilege http://tizen.org/privilege/tee.client for mobile/wearable/tv profile
Change-Id: I6065da358aac19f171008cc8cb17703d74165a06
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 22 Feb 2017 07:49:26 +0000 (16:49 +0900)]
Remove unused definitions and API
- remove definition related to api_version length check
- remove privilege_info_is_privacy2 (it was temporary support)
Change-Id: I4677507b726eb9cf502086fee52307f4e708297a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 11 May 2017 02:27:19 +0000 (11:27 +0900)]
Add web privilege for wearable/tv profile: apphistory.read
Change-Id: I3c7b18b418b704bf4fd0ed53492b18adb15ac938
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 12 Apr 2017 02:08:40 +0000 (11:08 +0900)]
Add web privilege for mobile profile: apphistory.read
Change-Id: I67701cf6708c0a44920259c3874269bc33dc4971
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
jin-gyu.kim [Thu, 30 Mar 2017 00:48:35 +0000 (09:48 +0900)]
Use %license macro to copy license file.
Change-Id: I51eb930e523fd55929c0ec7f2f5e70034d506972
Yunjin Lee [Wed, 22 Mar 2017 07:53:47 +0000 (16:53 +0900)]
Add API to see if the applciation is on the privacy white list
Change-Id: Ic274c314ee3cf94e554fafcc8d315c16f6681fc4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
MyungJoo Ham [Mon, 14 Nov 2016 10:24:01 +0000 (19:24 +0900)]
Remove Profile Build Dependency: Do it at runtime
- This is for Tizen 4.0.
: Tizen 4.0 Configurability and Build Blocks require
to remove all profile-depending build options in spec files.
(No More profile macros!)
- It is recommended to distinguish features/profiles at runtime.
unless it incurs too much overhead, which requires you to
create multiple binaries and subpackages.
The configuration file is /etc/privilege-checker.ini
For example:
$ cat /etc/privilege-checker.ini
[General]
Profile = mobile
$
You can apply same ini file for server-running scenarios.
- This has a bit of code cleaning in build scripts.
(e.g., BuildRequires is global to all subpackages.)
- When you SR this, you need to create JIRA-TRE of:
: Add security-privilege-manager-profile_tv for tv profile
: Add security-privilege-manager-profile_wearable for wearable profile
: Add security-privilege-manager-profile_mobile for wearable profile
patchset7: rebased and coding style updated
Change-Id: I901bf017cd088bbb657144ad34a8d1209b648f15
Signed-off-by: MyungJoo Ham <myungjoo.ham@samsung.com>
Yunjin Lee [Mon, 23 Jan 2017 05:03:57 +0000 (14:03 +0900)]
Add policy DB update script for mdm blacklist
Change-Id: I7c831554c2e643ac31be9be332e0351b5afbb0cb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 20 Jan 2017 06:17:00 +0000 (15:17 +0900)]
Apply runtime askuser-disable on new API
Change-Id: I9871901ef1c0e12cbf53ae021df69b4e974ad711
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 16 Jan 2017 07:05:58 +0000 (16:05 +0900)]
Support 2.3 issued web privilege set of mobile/wearable profile for 2.2.x
- There's no platform version 2.2.1 indeed but requirement of backward compatibility exist by product released with version 2.2.x
hence change platform 2.3 issued privilege's from version to 2.2.1 (mapping table only)
- The list of modified privileges are as follows(mobile/wearable)
: account.read, account.write, audiorecorder, call, camera, healthinfo, internet, nfc.cardemulation, volume.set
Change-Id: Ifb45f3c19bd5d0cfa7fb99a51679d8d209c5c9cc
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 13 Jan 2017 07:12:51 +0000 (16:12 +0900)]
Remove negative symbol from return value
- Error enum was modified to negative value hence no need to return error enum with negative symbol
Change-Id: I4c359d5389be4344d07936505679186ce082422c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 4 Jan 2017 06:20:44 +0000 (15:20 +0900)]
Handle black list check error properly
Change-Id: I5756f03a099e67dc31f321d99eeaf12cd0c4a1e6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 3 Jan 2017 11:47:03 +0000 (20:47 +0900)]
Fix not exist privilege check bug of web under 2.3.1
Change-Id: Icb1aebf4239ca4c31bf5bc24686da0f034c26135
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 23 Dec 2016 07:34:22 +0000 (16:34 +0900)]
Add API to set/unset privilege disable list
- Add API to set/unset privilege disable list
- Add API to get disabled privilege list of certain user
- Remove compile warning : invalid multibyte sequence
Change-Id: Ib1a07e2adbb23430dde8aec7e3fe4b165a1288cd
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 21 Dec 2016 09:17:23 +0000 (18:17 +0900)]
Add API to get privilege type
- Add API to get privilege type.
It determines privilege type according to the given uid and package id
on the basis of ask policy white list per privacy and mdm black list.
- Add table for privacy white list.
It stores whitelist for ask policy and whether the privacy is user-settable or not.
Possible privacy option format is "*-{privacyA}-{privacyB}.." or "{privacyA}+{privacyB}+...".
If pkg should not be seen in privacy setting menu then set 'settable' flag to 0.
If 'settable' flag is set to 1 for the privacy or not exist for the privacy then then pkg privacy option is user-settable for that privacy.
Change-Id: I720e9f5abcf02c89b3a09238d5fbafe26bf8e044
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 2 Jan 2017 02:25:37 +0000 (11:25 +0900)]
Map internal usermanage privilege to systemsettings.admin
Change-Id: I14ef494c9abb9f0b1dd5f44e9c11668e6c2f9776
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 30 Dec 2016 07:38:32 +0000 (16:38 +0900)]
Add web push privilege to tv profile
Change-Id: I412469beb787742a5b2632e38bf1a4706acc02e2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 26 Dec 2016 10:10:11 +0000 (19:10 +0900)]
Update wrt privilege mapping table: power privilege
Change-Id: Ia2633d04b871cf2564b4e0531e34253b4ed56289
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
jooseong lee [Fri, 23 Dec 2016 02:05:15 +0000 (11:05 +0900)]
Fix typo in previous commit
Change-Id: I9c9a2c9666e647550d3960b1e371b5a92022e5a5
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
jooseong lee [Thu, 22 Dec 2016 08:06:28 +0000 (17:06 +0900)]
Provide location privilege to all web application (below required version 2.3)
Change-Id: I95cb5a696ad55478bff50791167ddc41feb4f7e0
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
jin-gyu.kim [Mon, 19 Dec 2016 02:03:57 +0000 (11:03 +0900)]
Add the functionality to disable askuser in run-time.
Change-Id: I6f542060d29578757103a63f9835e12ba9245fa1
jooseong lee [Fri, 16 Dec 2016 04:09:46 +0000 (13:09 +0900)]
Add display privilege to all web application
When web applications use html video elements, web engine calls
display privileged api, which makes cynanre deny. Display privilege
should be provided to all web application like as Tizen2.x
Change-Id: I32f49289426cfc5e8233e3efe1d399f7516648db
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
Yunjin Lee [Mon, 12 Dec 2016 11:17:10 +0000 (20:17 +0900)]
Remove internal privacymanagement and usermanagement privilege from mapping table
Change-Id: I1477b038dd6200083a4892c8b642583b0627c48c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 12 Dec 2016 11:14:25 +0000 (20:14 +0900)]
Do not treat internal privileges as privacy related
Change-Id: Id14795ba85f80e9e374903fbef62ba645a19411a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 8 Dec 2016 08:25:58 +0000 (17:25 +0900)]
Change policy db directory and fix typo
- Change policy db directory to TZ_SYS_DB and modify its security configuration for DPM
- Fix typo in profile definition
Change-Id: Ib6feae1a74bd4ff5f172caa0bf669f6053b25a05
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 7 Dec 2016 07:32:04 +0000 (16:32 +0900)]
Add DISABLE_ASKUSER definition for profiles not using it
Change-Id: Iaf37662cc564544cc4756f02f6f0ccafd9dbe917
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 7 Dec 2016 07:13:13 +0000 (16:13 +0900)]
Add internal appdebugging privilege to mapping db
Change-Id: I6ac875ff34b0ea023d6f21d1445583bccfb0e09c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 6 Dec 2016 12:00:50 +0000 (21:00 +0900)]
Revert modification of error message allocation
Change-Id: Icbfb12e6a115c5718aecc873678886f1c20ab975
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 5 Dec 2016 06:10:38 +0000 (15:10 +0900)]
Add missing whitelist app and Fix memory leak
Change-Id: Ie5703b747d1db76af22d0ab8cadf9e6ccba28f28
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 28 Nov 2016 06:38:46 +0000 (15:38 +0900)]
Add API to determine given privilege is privacy related or not on the basis of whitelist
Change-Id: I1df0f8dc4654124d3b052cc51dfd12c245f9bd69
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 18 Nov 2016 09:54:36 +0000 (18:54 +0900)]
Modify to check whether internal privileges are privacy related or not
- internal privileges mapped by privacy related core privileges are also privacy related.
- remove redundant internal privileges listed in internal_only.list to store them properly.
Change-Id: I561c4b998a90e4d527c5ef38c6c28802bddf33f5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 16 Nov 2016 09:13:15 +0000 (18:13 +0900)]
Add uid input parameter to privilege verification API
Change-Id: Ibfb77bd9af850cdd606a174f9861690fff1b0c5c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 16 Nov 2016 06:05:10 +0000 (15:05 +0900)]
Add API to check metadata with certificate level
Change-Id: I9e2157e9b09fb98e7773089de565b51634ccd26f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 8 Nov 2016 09:29:10 +0000 (18:29 +0900)]
Fix spec not to provide so at devel
Change-Id: I21edad969ed79b36711917e44645913761b3ad18
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 4 Nov 2016 05:06:31 +0000 (14:06 +0900)]
Add core privilege
- Add core calendar.read and calendar.write to wearable profile since api version 3.0
Change-Id: I5c42c26db524802c0ea1ef6b64d3f77ce74e7087
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 31 Oct 2016 09:18:51 +0000 (18:18 +0900)]
Fix not to do make db dir for build_type NO_DB and add so file for devel package
Change-Id: I19d32b188456fb2a8d8b0016d49180aae17dd499
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 28 Oct 2016 10:26:27 +0000 (19:26 +0900)]
Modify privilege version validation logic to support x.x.x.x format (x = integer, 0 <= x <= 255)
Change-Id: I0fd8978559abe5db19be62de14f3c0bcf97f4269
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Kim Kidong [Mon, 24 Oct 2016 02:00:35 +0000 (19:00 -0700)]
Merge "Remove rpmlint error and warning and add build type NO_DB" into tizen
Yunjin Lee [Fri, 21 Oct 2016 03:00:33 +0000 (12:00 +0900)]
Remove rpmlint error and warning and add build type NO_DB
- Remove rpmlint error and warning caused by package description and lang files
- Add build_type NO_DB to reduce build time for test without DB changes
Change-Id: Ia2b64035dad5346ec16458d67721f2820d94bda5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 9 Sep 2016 07:59:53 +0000 (16:59 +0900)]
Treat web only privilege as core privilege
Change-Id: I1bc290f00cb8b95d5326a50a3421e0be875633ef
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 29 Sep 2016 04:16:21 +0000 (13:16 +0900)]
Add web bluetooth privilege to TV profile
Change-Id: I6eb83f2f8779ae4ae5d46210422d725646eb4aa5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 20 Sep 2016 08:23:29 +0000 (17:23 +0900)]
Fix privacy ID of tv profile to url format
Change-Id: Iaf669470fef71546682ae653d7b14c5c0ae26aed
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 5 Sep 2016 06:25:21 +0000 (15:25 +0900)]
Add restore_fcommon macro for ASan
Change-Id: I52e98248544950fab7a2b09852d1ae94c6912ed2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 5 Sep 2016 05:14:57 +0000 (14:14 +0900)]
Modify privacy display API and add tc for it
- Modify privilege_info_get_privacy_display() to get translated string
- Add tc for privilege_info_get_privacy_display()
Change-Id: If215be28cc7a716428e21b794e6d8eeb1c3bac95
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 31 Aug 2016 08:48:13 +0000 (17:48 +0900)]
Add core privilege and update language files : fido client
Change-Id: I6be58d17e8879827915dd056135b43d8a02f78d2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 31 Aug 2016 05:30:40 +0000 (14:30 +0900)]
Remove core privilege and update language files
- Remove core privilege: dpm.settings
- Update language files for appdir.shareddata privilege description
Change-Id: Ia9ce31778815025fa41d824a419e0ec51dbf4401
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Aug 2016 01:37:39 +0000 (10:37 +0900)]
Add core privilege: appdir.shareddata
Change-Id: I71636f2b97df7f523f1aff3ee3d5bc1805f89b4f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 11 Aug 2016 08:36:14 +0000 (17:36 +0900)]
Remove core privilege: vpnservice.admin
Change-Id: I2e02333bfb6886d702d09d18444737fb9830c878
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 8 Aug 2016 08:06:18 +0000 (17:06 +0900)]
Add API for getting privacy ID by privilege
Change-Id: I090af0d4b6043cfd7cadfbb50d9cf57105626ba1
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
BogonKim [Tue, 26 Jul 2016 10:04:21 +0000 (19:04 +0900)]
Privilege Verifier : Utility provides functions to verify privilege information of packages to be installed.
Change-Id: Ibbc584e867ae625baf593a9f0444ed0a588e8df2
Signed-off-by: BogonKim <bogon82.kim@samsung.com>
BogonKim [Tue, 26 Jul 2016 03:56:30 +0000 (12:56 +0900)]
remove undefined symbol
Problem : undefined symbol cause link error
when executable link with this library.
Solution : Add "-Wl,--no-undefined" to occur build error
for undefined symbol and remove undefined symbol
Change-Id: I5c942cdf3be6114f5a3e918c0e8cee47fdceb050
Signed-off-by: BogonKim <bogon82.kim@samsung.com>