platform/core/security/security-config.git
8 years ago Add cap_chown to email-service. ref/for/tizen
jin-gyu.kim [Tue, 13 Dec 2016 04:58:16 +0000 (13:58 +0900)]
Add cap_chown to email-service.

Change-Id: I7103e6796a79fe9117eed5b684ee9ebb3d774696

8 years ago Fix security-test 15/104015/1 accepted/tizen/3.0/common/20161213.163437 accepted/tizen/3.0/ivi/20161213.023941 accepted/tizen/3.0/mobile/20161213.023848 accepted/tizen/3.0/tv/20161213.023910 accepted/tizen/3.0/wearable/20161213.023922 submit/tizen_3.0/20161212.020133
jin-gyu.kim [Mon, 12 Dec 2016 06:00:35 +0000 (15:00 +0900)]
Fix security-test
- Add rule ~PROCESS ~PROCESS, rxxat for the same non-hybrid app label.

Change-Id: I749a37bc2d2b63e31ceeb187bc466b1a2c191e1b

8 years ago remove capability in connman, net-config 76/102576/1
keeho.yang [Tue, 6 Dec 2016 06:28:07 +0000 (15:28 +0900)]
remove capability in connman, net-config

Change-Id: Ia3e371ab6c5afbdcfc6a2e37e8692b59983f4d6d

8 years ago Merge "Remove redundant cap_dac_override capabilities." into tizen accepted/tizen/3.0/common/20161206.125258 accepted/tizen/3.0/ivi/20161205.234431 accepted/tizen/3.0/mobile/20161205.234237 accepted/tizen/3.0/tv/20161205.234338 accepted/tizen/3.0/wearable/20161205.234404 accepted/tizen/ivi/20161205.233025 accepted/tizen/mobile/20161205.232931 accepted/tizen/tv/20161205.232948 accepted/tizen/wearable/20161205.233005 submit/tizen/20161205.043508 submit/tizen_3.0/20161205.022357 submit/tizen_3.0/20161205.022817
Kim Kidong [Mon, 5 Dec 2016 04:29:12 +0000 (20:29 -0800)]
Merge "Remove redundant cap_dac_override capabilities." into tizen

8 years ago Change the label of the upgrade script. 96/101696/1 accepted/tizen/3.0/common/20161205.091623 accepted/tizen/3.0/ivi/20161204.233731 accepted/tizen/3.0/mobile/20161204.233715 accepted/tizen/3.0/tv/20161204.233724 accepted/tizen/3.0/wearable/20161204.233727 accepted/tizen/common/20161202.233242 accepted/tizen/ivi/20161204.235858 accepted/tizen/mobile/20161204.235759 accepted/tizen/tv/20161204.235827 accepted/tizen/wearable/20161204.235854 submit/tizen/20161202.043038 submit/tizen_3.0/20161202.043014
jin-gyu.kim [Fri, 2 Dec 2016 04:14:41 +0000 (13:14 +0900)]
Change the label of the upgrade script.

Change-Id: Ibb6c482a69e976e64a778b65b5234c54500ff0bf

8 years ago Remove redundant cap_dac_override capabilities. 62/101662/1
jin-gyu.kim [Fri, 2 Dec 2016 02:15:12 +0000 (11:15 +0900)]
Remove redundant cap_dac_override capabilities.

Change-Id: Idb66a81bd335bd0f4ae34217abd628fc9bbcc9ae

8 years ago Merge "Add cap_dac_read_search to pkg_getsize" into tizen accepted/tizen/3.0/common/20161129.102931 accepted/tizen/3.0/ivi/20161129.002016 accepted/tizen/3.0/mobile/20161129.001914 accepted/tizen/3.0/tv/20161129.001942 accepted/tizen/3.0/wearable/20161129.001954 accepted/tizen/common/20161128.170839 accepted/tizen/ivi/20161129.001525 accepted/tizen/mobile/20161129.001430 accepted/tizen/tv/20161129.001449 accepted/tizen/wearable/20161129.001506 submit/tizen/20161128.115927 submit/tizen_3.0/20161128.050643
Kim Kidong [Mon, 28 Nov 2016 11:34:26 +0000 (03:34 -0800)]
Merge "Add cap_dac_read_search to pkg_getsize" into tizen

8 years ago Add cap_dac_read_search to pkg_getsize 66/100566/1
jin-gyu.kim [Mon, 28 Nov 2016 11:31:45 +0000 (20:31 +0900)]
Add cap_dac_read_search to pkg_getsize

Change-Id: I4cd931484ca6f8491a998c556a6aecb99bdaa8d2

8 years ago Trigger services using systemd 27/100027/1 accepted/tizen/common/20161125.095531 accepted/tizen/ivi/20161128.000343 accepted/tizen/mobile/20161128.000248 accepted/tizen/tv/20161128.000303 accepted/tizen/wearable/20161128.000325 submit/tizen/20161125.011940
Sunmin Lee [Thu, 24 Nov 2016 14:08:32 +0000 (23:08 +0900)]
Trigger services using systemd

Change-Id: I1c1b1179a0cee7e35beb1a98f316fffad53e7dab

8 years ago Trigger services using systemd 75/99975/1 submit/tizen_3.0/20161125.011958
Sunmin Lee [Thu, 24 Nov 2016 14:08:32 +0000 (23:08 +0900)]
Trigger services using systemd

Change-Id: I1c1b1179a0cee7e35beb1a98f316fffad53e7dab

8 years ago Sleep before security-manager-cmd in upgrade script 19/99719/1 accepted/tizen/3.0/common/20161125.101432 accepted/tizen/3.0/ivi/20161125.075831 accepted/tizen/3.0/mobile/20161125.075731 accepted/tizen/3.0/tv/20161125.075752 accepted/tizen/3.0/wearable/20161125.075808 accepted/tizen/common/20161124.170051 accepted/tizen/ivi/20161125.004309 accepted/tizen/mobile/20161125.004258 accepted/tizen/tv/20161125.004302 accepted/tizen/wearable/20161125.004305 submit/tizen/20161124.021851 submit/tizen_3.0/20161124.021932
jooseong lee [Thu, 24 Nov 2016 02:15:04 +0000 (11:15 +0900)]
Sleep before security-manager-cmd in upgrade script

Change-Id: I20e4c17e6eb1705a115028169b28c52241d8c0d9
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Update default user on cynara db during 3.0 upgrade 03/99703/1 accepted/tizen/ivi/20161125.004255 accepted/tizen/mobile/20161125.004238 accepted/tizen/tv/20161125.004246 accepted/tizen/wearable/20161125.004251 submit/tizen/20161124.010415 submit/tizen_3.0/20161124.010444
jooseong lee [Wed, 23 Nov 2016 09:58:33 +0000 (18:58 +0900)]
Update default user on cynara db during 3.0 upgrade

Change-Id: I85b02be01c4c2bacf1af6e4316c7fa13f03e6a68
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add CAP_NET_ADMIN and CAP_NET_RAW to xtables-muti for nether 29/99429/2
jooseong lee [Wed, 23 Nov 2016 01:23:15 +0000 (10:23 +0900)]
Add CAP_NET_ADMIN and CAP_NET_RAW to xtables-muti for nether

refer to: https://review.tizen.org/gerrit/#/c/79675/

Change-Id: I993819b50d56812fe27360999093d4fccd5351e4
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Set TZ_USER_APP directory permission in gumd script 69/99269/1
jooseong lee [Tue, 22 Nov 2016 08:42:33 +0000 (17:42 +0900)]
Set TZ_USER_APP directory permission in gumd script

Some service daemons, non root, access to application data directory.
In case, they have cap_dac_override. We will change file permission
to access app data directory for service daemon and remove their
cap_dac_override.

Change-Id: I0d007f9277229b9be889d9cb01c3c79e82f8b1db
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add rpm description in log file. 85/98885/2 accepted/tizen/3.0/common/20161122.195154 accepted/tizen/3.0/ivi/20161122.080043 accepted/tizen/3.0/mobile/20161122.075938 accepted/tizen/3.0/tv/20161122.080000 accepted/tizen/3.0/wearable/20161122.080022 accepted/tizen/common/20161121.143436 accepted/tizen/ivi/20161121.235117 accepted/tizen/mobile/20161121.235056 accepted/tizen/tv/20161121.235104 accepted/tizen/wearable/20161121.235111 submit/tizen/20161121.074138 submit/tizen_3.0/20161121.074150
jin-gyu.kim [Mon, 21 Nov 2016 05:59:44 +0000 (14:59 +0900)]
Add rpm description in log file.

Change-Id: Ibe8c8cfa81ffafb992ec0c132ea7b35f1f5154c7

8 years ago Fix typo 19/98819/1 accepted/tizen/3.0/common/20161122.195048 accepted/tizen/3.0/ivi/20161122.075921 accepted/tizen/3.0/mobile/20161122.075816 accepted/tizen/3.0/tv/20161122.075844 accepted/tizen/3.0/wearable/20161122.075903 accepted/tizen/common/20161121.143419 accepted/tizen/ivi/20161121.235024 accepted/tizen/mobile/20161121.234843 accepted/tizen/tv/20161121.234924 accepted/tizen/wearable/20161121.234955 submit/tizen/20161121.042259 submit/tizen_3.0/20161121.042235
jooseong lee [Mon, 21 Nov 2016 02:52:21 +0000 (11:52 +0900)]
Fix typo

Change-Id: I6e6df5f8602dc35e1abbf727ea34ba23d2e68212
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add cap_dac_override to data-provider-master 18/98818/1
jooseong lee [Mon, 21 Nov 2016 02:49:49 +0000 (11:49 +0900)]
Add cap_dac_override to data-provider-master

Change-Id: I53b9ad1d0e630a25142526a4c1be99b3f8fbebbd
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Update upgrade script 06/98706/1
jooseong lee [Fri, 18 Nov 2016 09:21:57 +0000 (18:21 +0900)]
Update upgrade script

* Dyntransition file('apps_name') was renamed to 'apps_labels'
* systemctl command is not working on migration.
  Just launch cynara and security-manager manually.

Change-Id: Ifaf6121e8c924f9212ebed4187132730b20ce02b
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Update security-test(smack-rule, smack-basic) scripts 59/97359/2
jooseong lee [Mon, 14 Nov 2016 04:02:34 +0000 (13:02 +0900)]
Update security-test(smack-rule, smack-basic) scripts

* Application process's prefix label was changed. (User::App -> User::Pkg)
 - https://review.tizen.org/gerrit/#/c/88317/
* Added 'l' permission to SharedRO rule
 - https://review.tizen.org/gerrit/#/c/96752/

Change-Id: I9b139ebb41599ec0e33edf527732eae4b0e2f8c2
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Update root test list on 1019 05/92905/3
keeho.yang [Wed, 19 Oct 2016 09:37:13 +0000 (18:37 +0900)]
Update root test list on 1019

Change-Id: I9d3968e70868c3dfbbb1f0d17cd0b01f8f588f0d

8 years ago Restore capability for boot-animation 59/92659/1 accepted/tizen/3.0/common/20161114.110026 accepted/tizen/3.0/ivi/20161028.134040 accepted/tizen/3.0/mobile/20161028.133151 accepted/tizen/3.0/tv/20161028.133503 accepted/tizen/3.0/wearable/20161028.133757 accepted/tizen/common/20161018.175004 accepted/tizen/ivi/20161018.091129 accepted/tizen/mobile/20161018.091037 accepted/tizen/tv/20161018.091102 accepted/tizen/wearable/20161018.091112 submit/tizen/20161017.022041 submit/tizen_3.0/20161028.062323 submit/tizen_3.0/20161028.082423 submit/tizen_3.0_common/20161104.104000
Seongwook Chung [Tue, 18 Oct 2016 02:30:06 +0000 (11:30 +0900)]
Restore capability for boot-animation

Change-Id: I2726ee99b97e975f80ad1fcdaeca88a6d8970ca0
Signed-off-by: Seongwook Chung <seong.chung@samsung.com>
8 years ago add capability to emul-common-preinit, emul-setup-audio-volume service 90/92090/1
keeho.yang [Thu, 13 Oct 2016 07:55:16 +0000 (16:55 +0900)]
add capability to emul-common-preinit, emul-setup-audio-volume service

Change-Id: I8448eac338f9f238c93af8a8f9b010f1a2c43cdc

8 years ago add capability with ei permission in chmod, chgrp 66/91766/1
keeho.yang [Tue, 11 Oct 2016 08:09:35 +0000 (17:09 +0900)]
add capability with ei permission in chmod, chgrp

Change-Id: Ieacc75f906e296149a777e19041db38b3d6ac4d1

8 years ago delete capability on boot-animation and shutdown-animation 67/91567/1
keeho.yang [Mon, 10 Oct 2016 08:24:50 +0000 (17:24 +0900)]
delete capability on boot-animation and shutdown-animation

Change-Id: Ia255792781ec950a8191338ef61dc75ae1b6c477

8 years ago Revert 'Set Smack execute label('User::Shell') to /usr/bin/sh' 99/91499/1 accepted/tizen/common/20161010.145717 accepted/tizen/ivi/20161011.233906 accepted/tizen/mobile/20161011.233834 accepted/tizen/tv/20161011.233900 accepted/tizen/wearable/20161011.233855 submit/tizen/20161010.015747
jooseong lee [Mon, 10 Oct 2016 01:15:03 +0000 (10:15 +0900)]
Revert 'Set Smack execute label('User::Shell') to /usr/bin/sh'

Change-Id: Ia67267368748340efbed691e856d2d76e01db28f
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "Change script and list about root test and capability test" into tizen
keeho yang [Fri, 7 Oct 2016 09:42:55 +0000 (02:42 -0700)]
Merge "Change script and list about root test and capability test" into tizen

8 years ago Merge "add capability for mobileap-agent, connman, net-config package" into tizen
Seongwook Chung [Fri, 7 Oct 2016 09:40:03 +0000 (02:40 -0700)]
Merge "add capability for mobileap-agent, connman, net-config package" into tizen

8 years ago add capability for mobileap-agent, connman, net-config package 93/91393/6
keeho.yang [Fri, 7 Oct 2016 08:25:57 +0000 (17:25 +0900)]
add capability for mobileap-agent, connman, net-config package

Since network daemons change uid from root to network_fw,
those daemons need posix capabilities

Change-Id: I3242312db4ffd9a169241e4d3d043fa3ceefedca

8 years ago Set Smack execute label('User::Shell') to /usr/bin/sh 96/91396/1
jooseong lee [Fri, 7 Oct 2016 08:25:20 +0000 (17:25 +0900)]
Set Smack execute label('User::Shell') to /usr/bin/sh

'User::Shell' is a new domain for only shell process.
Actually it should be set by bash packages. This is a
temporary patch.

Change-Id: Id71cc28ed0a07e5c12186f60a2201c2231f925c4
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Modify security-test. 27/91227/1
jin-gyu.kim [Thu, 6 Oct 2016 09:45:45 +0000 (18:45 +0900)]
Modify security-test.
There are changes in SMACK rules. (app id -> pkg id, User:Shell)
Therefore, security-test also changes the check criteria.

Change-Id: I42df1f77874f231906ce8fc575735125c8e904b3

8 years ago Change script and list about root test and capability test 99/90399/1 tizen/20160930.012757 tizen/20160930.012812
Seongwook Chung [Fri, 30 Sep 2016 01:22:45 +0000 (10:22 +0900)]
Change script and list about root test and capability test

Signed-off-by: Seongwook Chung <seong.chung@samsung.com>
8 years ago Fix the type in CMakeLists of security-test. 79/89779/1 accepted/tizen/3.0/ivi/20161011.062404 accepted/tizen/3.0/mobile/20161015.034205 accepted/tizen/3.0/tv/20161016.005804 accepted/tizen/3.0/wearable/20161015.084105 accepted/tizen/common/20161004.080944 accepted/tizen/ivi/20161005.080105 accepted/tizen/mobile/20161005.080023 accepted/tizen/tv/20161005.080036 accepted/tizen/wearable/20161005.080055 submit/tizen/20161001.075614 submit/tizen_3.0_ivi/20161010.000006 submit/tizen_3.0_mobile/20161015.000006 submit/tizen_3.0_tv/20161015.000005 submit/tizen_3.0_wearable/20161015.000005
jin-gyu.kim [Tue, 27 Sep 2016 03:59:12 +0000 (12:59 +0900)]
Fix the type in CMakeLists of security-test.

Change-Id: I38d56609afbc0e08252338152288185a9b1028dd

8 years ago Add User::Shell to onlycap list 19/89619/1
jooseong lee [Mon, 26 Sep 2016 07:10:06 +0000 (16:10 +0900)]
Add User::Shell to onlycap list

'User::Shell' is a new domain for only shell process.

* https://review.tizen.org/gerrit/#/c/89586/

Change-Id: Icfb489f375fc02395f69005105f8e84683676009
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "Remove profile build dependencies - There will be base package and sub pacakge... accepted/tizen/common/20160922.120442 accepted/tizen/ivi/20160925.234102 accepted/tizen/mobile/20160925.234023 accepted/tizen/tv/20160925.234058 accepted/tizen/wearable/20160925.234045 submit/tizen/20160922.004002
Kim Kidong [Thu, 22 Sep 2016 00:35:26 +0000 (17:35 -0700)]
Merge "Remove profile build dependencies - There will be base package and sub packages of each profiles." into tizen

8 years ago Remove profile build dependencies 07/87507/3
jin-gyu.kim [Thu, 8 Sep 2016 09:28:20 +0000 (18:28 +0900)]
Remove profile build dependencies
- There will be base package and sub packages of each profiles.

Change-Id: I5e376ce937ff0f43d4b1ab858500d45bfe68a856

8 years ago Change group and permission of TZ_USER_HOME. 30/88630/1 accepted/tizen/common/20160920.132150 accepted/tizen/ivi/20160921.081032 accepted/tizen/mobile/20160921.081024 accepted/tizen/tv/20160921.081028 accepted/tizen/wearable/20160921.081019 submit/tizen/20160920.071730
jin-gyu.kim [Tue, 20 Sep 2016 05:05:55 +0000 (14:05 +0900)]
Change group and permission of TZ_USER_HOME.
- Some services could not read db file under TZ_USER_HOME.
- system_share group will be able to read it with this change.

Change-Id: Idf719b4979e583e13b5f735342c363b00449e4f5

8 years ago Rename upgrade script(011.security_upgrade.sh) 22/88422/1 accepted/tizen/common/20160919.154625 accepted/tizen/ivi/20160920.052649 accepted/tizen/mobile/20160920.052558 accepted/tizen/tv/20160920.052613 accepted/tizen/wearable/20160920.052633 submit/tizen/20160919.061739
jooseong lee [Mon, 19 Sep 2016 02:43:58 +0000 (11:43 +0900)]
Rename upgrade script(011.security_upgrade.sh)

Change-Id: I363b329d1d238e66f74b2dbacdbfc5bf85f8d388
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Reset fail state of cynara service at upgrade. 03/88103/2 accepted/tizen/common/20160919.070408 accepted/tizen/ivi/20160920.051124 accepted/tizen/mobile/20160920.051023 accepted/tizen/tv/20160920.051041 accepted/tizen/wearable/20160920.051103 submit/tizen/20160916.180719
Kunhoon Baik [Tue, 13 Sep 2016 10:01:03 +0000 (19:01 +0900)]
Reset fail state of cynara service at upgrade.

Cynara is launched & failed several times before creating /var/cynara.
Thus, without resetting fail state, restarting cynara service may fail.

This patch solves the non-determinant cynara state issue.

Change-Id: I4ad6d928f33dcbd65bf90f5db31a05a766c11291

8 years ago Check existence of execution file before capability setting 92/87492/4
Seongwook Chung [Thu, 8 Sep 2016 08:31:46 +0000 (17:31 +0900)]
Check existence of execution file before capability setting

Change-Id: Id4b39c477e0cc924786e477cae31b2686d09b658
Signed-off-by: Seongwook Chung <seong.chung@samsung.com>
8 years ago Display absolute path of object file in log about security test 55/87455/2
Seongwook Chung [Thu, 8 Sep 2016 05:29:24 +0000 (14:29 +0900)]
Display absolute path of object file in log about security test

Change-Id: I73c308b9541b8eabf62e29d0fe45a34cff928369
Signed-off-by: Seongwook Chung <seong.chung@samsung.com>
8 years ago Merge "Insert telephony id into disk group for telephony package" into tizen
Kim Kidong [Mon, 19 Sep 2016 00:36:36 +0000 (17:36 -0700)]
Merge "Insert telephony id into disk group for telephony package" into tizen

8 years ago Restart services after upgrade script is finished. 56/87756/1 accepted/tizen/common/20160912.181805 accepted/tizen/ivi/20160913.042114 accepted/tizen/mobile/20160913.042015 accepted/tizen/tv/20160913.042033 accepted/tizen/wearable/20160913.042059 submit/tizen/20160912.023936 submit/tizen/20160912.100526
jin-gyu.kim [Fri, 9 Sep 2016 09:10:13 +0000 (18:10 +0900)]
Restart services after upgrade script is finished.

Change-Id: Icda49c9f44dc2af527f448f8d13b362bd674f108

8 years ago Make TZ_USER_DB/privacy directory to protect privacy data 68/87468/1
jooseong lee [Thu, 8 Sep 2016 06:16:52 +0000 (15:16 +0900)]
Make TZ_USER_DB/privacy directory to protect privacy data

Some databases have privacy data such as contacts and calendar.
We should restrict access to these DBs from malware applications.
TZ_USER_DB/privacy is a new dbspace which any applications can't access.

Change-Id: Ia01e7695126a4f0a627cb90c9f878e3abe1b289d
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Set permissions for TZ_SYS_GLOBALUSER_DB(/opt/usr/dbspace) 47/87447/2
jooseong lee [Thu, 8 Sep 2016 04:49:12 +0000 (13:49 +0900)]
Set permissions for TZ_SYS_GLOBALUSER_DB(/opt/usr/dbspace)

Change-Id: I38ce24618ccda5c9cb0dabbe0c388eeab9de67d8
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Insert telephony id into disk group for telephony package 96/87396/2
Seongwook Chung [Thu, 8 Sep 2016 00:59:42 +0000 (09:59 +0900)]
Insert telephony id into disk group for telephony package

Since telephony package decided to use telephony id instead of network_fw,
replace telephony from network_fw

Change-Id: I7cd42c924de643fe870831ff3fa31e84622f2f18
Signed-off-by: Seongwook Chung <seong.chung@samsung.com>
8 years ago Remove smack labeling('User') for xwalk-runtime 38/87338/2 accepted/tizen/common/20160907.154813 accepted/tizen/ivi/20160908.003705 accepted/tizen/mobile/20160908.003558 accepted/tizen/tv/20160908.003627 accepted/tizen/wearable/20160908.003650 submit/tizen/20160907.081351 submit/tizen_mobile/20160913.112954 tizen/20160908.005450
jooseong lee [Wed, 7 Sep 2016 10:56:30 +0000 (19:56 +0900)]
Remove smack labeling('User') for xwalk-runtime

xwalk-runtime is for direct app-launching unlike launchpad-loader
and wrt-loader. So we should remove execute label for changing process label
to app label.

Change-Id: Ic6c9e0527e248f6699b2cbc59062a82ab443a644
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Run set_label in platform upgrade script 01/87301/1
jooseong lee [Wed, 7 Sep 2016 09:18:27 +0000 (18:18 +0900)]
Run set_label in platform upgrade script

Change-Id: Icff0527cdc3d3ed2dabe9b7308b1113e28c8188f
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago change root daemon to non daemon(deivced-vibrator, nvitemd) 11/86611/1 accepted/tizen/common/20160905.171339 accepted/tizen/ivi/20160906.060929 accepted/tizen/mobile/20160906.060819 accepted/tizen/tv/20160906.060843 accepted/tizen/wearable/20160906.060911 submit/tizen/20160905.002202
keeho.yang [Fri, 2 Sep 2016 05:52:29 +0000 (14:52 +0900)]
change root daemon to non daemon(deivced-vibrator, nvitemd)

Change-Id: Ib540b97b269bfcdf572a0ca22224ff44bfe664cf

8 years ago Update platform upgrade script to remove non used files 02/85402/1 accepted/tizen/common/20160829.135706 accepted/tizen/ivi/20160830.060813 accepted/tizen/mobile/20160830.060650 accepted/tizen/tv/20160830.060721 accepted/tizen/wearable/20160830.060744 submit/tizen/20160829.005907
jooseong lee [Thu, 25 Aug 2016 02:46:41 +0000 (11:46 +0900)]
Update platform upgrade script to remove non used files

Change-Id: I530fcb095f1295e929a880d637a6c4d816a04548
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Change password filename to 'password.old' during Tizen platform upgrade 83/85383/2
jooseong lee [Thu, 25 Aug 2016 01:19:33 +0000 (10:19 +0900)]
Change password filename to 'password.old' during Tizen platform upgrade

Auth-fw will load 2.x password file created by security-server after
Tizen platform upgrade(2.4 -> 3.0). But 2.x password is different from
current password format. So I add postfix '.old' to 2.x password filename
to reconstruct old password format in auth-fw.

Refer to : https://review.tizen.org/gerrit/#/c/85385/

Change-Id: I7d6b3982f5c17c3143175e7819fa49ee9b6a53de
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add platform upgrade script for Tizen3.0 20/85220/1
jooseong lee [Wed, 24 Aug 2016 07:28:58 +0000 (16:28 +0900)]
Add platform upgrade script for Tizen3.0

'Platform upgrade image' has only RO partition(rootfs). And RW
partition should be updated by several scripts(/usr/share/upgrade/
scripts). This upgrade script for security feature performs below things.

 * Remove non used directories/files
  ex. security-server data directories, rules db
 * Make directories/files in RW partition for 3.0 security services
  ex. /opt/var/security-manager
 * Init Cynara and security-manager db
 * Set file permission, Smack labeling

Change-Id: I163405710685c2f1873bee35d97ef35a519d6ce7
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "add capability to boot-animation" into tizen
Seongwook Chung [Mon, 22 Aug 2016 04:30:29 +0000 (21:30 -0700)]
Merge "add capability to boot-animation" into tizen

8 years ago add capability to boot-animation 15/84015/4
keeho.yang [Tue, 16 Aug 2016 08:48:16 +0000 (17:48 +0900)]
add capability to boot-animation

Change-Id: Id5f536163ecb88842e15ea178ab0caa8bdede79d

8 years ago Change SQL query command in smack rule test. 80/84380/1
jin-gyu.kim [Thu, 18 Aug 2016 09:06:11 +0000 (18:06 +0900)]
Change SQL query command in smack rule test.
- Security-manager.db changes the name of db view.

Change-Id: I5fd08d04db1bb07595ed3033c7b4cc1229cecc6c

8 years ago Add cap_dac_override to xdelta3 36/83436/1 accepted/tizen/common/20160812.140748 accepted/tizen/ivi/20160815.233254 accepted/tizen/mobile/20160815.233142 accepted/tizen/tv/20160815.233212 accepted/tizen/wearable/20160815.233234 submit/tizen/20160811.013634 submit/tizen/20160811.062803 submit/tizen/20160812.053402
jooseong lee [Thu, 11 Aug 2016 00:56:39 +0000 (09:56 +0900)]
Add cap_dac_override to xdelta3

Change-Id: I786cf860298da90d0158fc45c42af5714583bfba
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add cap_dac_override, cap_chown and cap_fowner to tpk-backend and wgt-backend 78/83378/1
jooseong lee [Wed, 10 Aug 2016 11:02:41 +0000 (20:02 +0900)]
Add cap_dac_override, cap_chown and cap_fowner to tpk-backend and wgt-backend

Change-Id: I2ca9c55b73604f4efb6d5f3088e2e46b2d23d212
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago add cap_dac_override to gpsd 41/82341/1
keeho.yang [Wed, 3 Aug 2016 03:57:38 +0000 (12:57 +0900)]
add cap_dac_override to gpsd

Change-Id: Ie2b0eb476939cc8f8764843c0ecc15c8c1e3e424

8 years ago Remove execute smack labeling for onlycap feature 22/81122/2 accepted/tizen/common/20160722.135132 accepted/tizen/ivi/20160724.041822 accepted/tizen/mobile/20160724.041733 accepted/tizen/tv/20160724.041746 accepted/tizen/wearable/20160724.041804 submit/tizen/20160722.084455
jooseong lee [Fri, 22 Jul 2016 07:17:54 +0000 (16:17 +0900)]
Remove execute smack labeling for onlycap feature

We added 'SmackProcessLabel' to all system service files.

Change-Id: I44f2b2eeba17b90b6eaf654ccccc22d804e17e25
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Set SmackProcessLabel to System::Privileged 21/80821/2 accepted/tizen/common/20160721.175950 accepted/tizen/ivi/20160721.090818 accepted/tizen/mobile/20160721.090548 accepted/tizen/tv/20160721.091339 accepted/tizen/wearable/20160721.091118 submit/tizen/20160721.003054
Yunjin Lee [Wed, 20 Jul 2016 10:36:54 +0000 (19:36 +0900)]
Set SmackProcessLabel to System::Privileged

Change-Id: Ib49f9488a8eec6f152652d28fec587e047dd8cd5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago Apply onlycap feature to mobile and wearable profiles only 52/80752/6 accepted/tizen/common/20160720.173323 accepted/tizen/ivi/20160720.103441 accepted/tizen/mobile/20160720.103354 accepted/tizen/tv/20160720.103407 accepted/tizen/wearable/20160720.103425 submit/tizen/20160720.054228
jooseong lee [Wed, 20 Jul 2016 04:39:43 +0000 (13:39 +0900)]
Apply onlycap feature to mobile and wearable profiles only

Change-Id: I096af17dd1aaf2312cdf18bd4449148aca09bb85
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Give execute label('User') to application loader 49/80749/2
jooseong lee [Wed, 20 Jul 2016 04:15:03 +0000 (13:15 +0900)]
Give execute label('User') to application loader

Fix smack permission issue from onlycap feature

Change-Id: I11da53e0d4c2001aa68fe1decae6fbab289bc410
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Remove bt-service from service_daemon_list 27/80627/1 accepted/tizen/ivi/20160719.232115 accepted/tizen/mobile/20160719.232026 accepted/tizen/tv/20160719.232042 accepted/tizen/wearable/20160719.232057 submit/tizen/20160719.072950
jooseong lee [Tue, 19 Jul 2016 07:26:50 +0000 (16:26 +0900)]
Remove bt-service from service_daemon_list

Change-Id: I572a2559bbfbd5453aafe822501342292032f594
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "Enable Smack onlycap feature" into tizen accepted/tizen/ivi/20160719.060801 accepted/tizen/mobile/20160719.060754 accepted/tizen/tv/20160719.060749 accepted/tizen/wearable/20160719.060739 submit/tizen/20160719.020621
Kim Kidong [Tue, 19 Jul 2016 02:03:07 +0000 (19:03 -0700)]
Merge "Enable Smack onlycap feature" into tizen

8 years ago Enable Smack onlycap feature 72/80572/1
jooseong lee [Tue, 19 Jul 2016 01:31:33 +0000 (10:31 +0900)]
Enable Smack onlycap feature

We are ready to enable onlycap feature. Onlycap label is 'System::Privileged'.

* Add new sub domain ('System::Privileged')
 : https://review.tizen.org/gerrit/#/c/80083/
* Add proper Smack rules and Cynara permission
 : https://review.tizen.org/gerrit/#/c/80084/
* Give execute label
 - systemd : https://review.tizen.org/gerrit/#/c/80375/
 - launchpad : https://review.tizen.org/gerrit/#/c/80216/
 - debug-launchpad : https://review.tizen.org/gerrit/#/c/80221/
 - several services : https://review.tizen.org/gerrit/#/c/80272/
   (This is a temporary patch. WE WILL USE 'SmackProcessLabel' option
    IN EACH SERVICE FILES)

Change-Id: I105e5433f1411fcd26a109c4e29d526c27e8f72d
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "Remove app2sd-server from service_daemon_list" into tizen
Kim Kidong [Tue, 19 Jul 2016 01:30:40 +0000 (18:30 -0700)]
Merge "Remove app2sd-server from service_daemon_list" into tizen

8 years ago change display-manager.service to root_deamon_list from non_daemon_list 66/80566/1
keeho.yang [Tue, 19 Jul 2016 01:13:44 +0000 (10:13 +0900)]
change display-manager.service to root_deamon_list from non_daemon_list

Change-Id: I870000a8faf3619d1c5457cd8bedb6cffdeb211b

8 years ago Remove app2sd-server from service_daemon_list 65/80565/1
jooseong lee [Tue, 19 Jul 2016 01:14:13 +0000 (10:14 +0900)]
Remove app2sd-server from service_daemon_list

Change-Id: I2043e0dedccea936af8a8d7e6f2417775215e542
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Add /usr/bin/xwalk_runtime to service_daemon_list 27/80527/1 accepted/tizen/common/20160719.172254 accepted/tizen/ivi/20160719.020206 accepted/tizen/mobile/20160719.020241 accepted/tizen/tv/20160719.020215 accepted/tizen/wearable/20160719.020227 submit/tizen/20160718.115529
jooseong lee [Mon, 18 Jul 2016 11:50:25 +0000 (20:50 +0900)]
Add /usr/bin/xwalk_runtime to service_daemon_list

Because of Smack dyntransition, xwalk_runtime doesn't
need 'System::Privileged' label.

Change-Id: Ib43b22e2eb6638f948730d056fc31ab12a391c0e
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Merge "Give system execute label into service daemons." into tizen accepted/tizen/ivi/20160718.105237 accepted/tizen/mobile/20160718.105318 accepted/tizen/tv/20160718.105022 accepted/tizen/wearable/20160718.105308 submit/tizen/20160718.094942
Kim Kidong [Mon, 18 Jul 2016 09:48:04 +0000 (02:48 -0700)]
Merge "Give system execute label into service daemons." into tizen

8 years ago Give system execute label into service daemons. 72/80272/6
jin-gyu.kim [Fri, 15 Jul 2016 11:48:33 +0000 (20:48 +0900)]
Give system execute label into service daemons.

Change-Id: I21b0d348c3d89fb5042fb78fb52c5bf2581cfcbb

8 years ago Add rules related with addition of System::Privileged domain. 25/80425/1 accepted/tizen/common/20160718.155922 accepted/tizen/ivi/20160718.104941 accepted/tizen/mobile/20160718.105015 accepted/tizen/tv/20160718.104731 accepted/tizen/wearable/20160718.104947 submit/tizen/20160718.054439
jin-gyu.kim [Mon, 18 Jul 2016 05:18:55 +0000 (14:18 +0900)]
Add rules related with addition of System::Privileged domain.

Change-Id: I8c0754342339ae65982ceab6c376fd4387246cbf

8 years ago Merge "Move muse-server in root daemon list to non root list" into tizen accepted/tizen/common/20160714.153523 accepted/tizen/ivi/20160714.064453 accepted/tizen/mobile/20160714.064446 accepted/tizen/tv/20160714.064448 accepted/tizen/wearable/20160714.064456 submit/tizen/20160714.062904
Kim Kidong [Thu, 14 Jul 2016 06:28:06 +0000 (23:28 -0700)]
Merge "Move muse-server in root daemon list to non root list" into tizen

8 years ago Move muse-server in root daemon list to non root list 17/80017/1
jooseong lee [Thu, 14 Jul 2016 06:22:47 +0000 (15:22 +0900)]
Move muse-server in root daemon list to non root list

muse-server.service
 * User=multimedia_fw
 * Group=multimedia_fw

Change-Id: I50db443c68be20a9223bc4aaaa6904a84706fd4f
Signed-off-by: jooseong lee <jooseong.lee@samsung.com>
8 years ago Disable security-config service in tv profile. 94/79994/1 submit/tizen/20160714.062725
jin-gyu.kim [Thu, 14 Jul 2016 02:51:01 +0000 (11:51 +0900)]
Disable security-config service in tv profile.

Change-Id: Icd277aa33cab1ffa41af15e9b99b8ba1ab3ee20f

8 years ago delete muse-server.service and device-policy-manager.service in capability exception... 43/79643/2 accepted/tizen/common/20160713.050612 accepted/tizen/ivi/20160712.133000 accepted/tizen/mobile/20160712.132905 accepted/tizen/tv/20160712.132925 accepted/tizen/wearable/20160712.132940 submit/tizen/20160712.115257
keeho.yang [Tue, 12 Jul 2016 07:29:52 +0000 (16:29 +0900)]
delete muse-server.service and device-policy-manager.service in capability exception list

Change-Id: I9b708c73107d3276f315470a4640b00620d47556

8 years ago Remove temporal exceptions from aslr, suid exception list 01/79401/1
Yunjin Lee [Mon, 11 Jul 2016 08:04:15 +0000 (17:04 +0900)]
Remove temporal exceptions from aslr, suid exception list

Change-Id: Id21dcfc34b9795fbf066132979f563d978ac7a63
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
8 years ago Merge "Check csa folder also for smack label tst." into tizen accepted/tizen/common/20160708.140942 accepted/tizen/ivi/20160709.014922 accepted/tizen/mobile/20160709.014907 accepted/tizen/tv/20160709.014928 accepted/tizen/wearable/20160709.014917 submit/tizen/20160708.075924
Kim Kidong [Fri, 8 Jul 2016 05:04:50 +0000 (22:04 -0700)]
Merge "Check csa folder also for smack label tst." into tizen

8 years ago Merge "Update ASLR test script and stable file of ASLR and SUID" into tizen
Kim Kidong [Fri, 8 Jul 2016 05:04:00 +0000 (22:04 -0700)]
Merge "Update ASLR test script and stable file of ASLR and SUID" into tizen

8 years ago Check csa folder also for smack label tst. 61/79061/1
jin-gyu.kim [Fri, 8 Jul 2016 04:57:53 +0000 (13:57 +0900)]
Check csa folder also for smack label tst.

Change-Id: I437bbe66737cc60c5b577f52b242dc785ad5edb9

8 years ago Update ASLR test script and stable file of ASLR and SUID 60/79060/1
Yunjin Lee [Fri, 8 Jul 2016 04:57:22 +0000 (13:57 +0900)]
Update ASLR test script and stable file of ASLR and SUID

Change-Id: Ifa0173dc42390a6ab7e2001defa803bfa31f04e0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>

8 years ago update list 2 43/79043/1
keeho.yang [Fri, 8 Jul 2016 02:33:44 +0000 (11:33 +0900)]
update list 2

Change-Id: I387066802054104c1b8ac89a47b28138ac8f1342

8 years ago update root daemon list 51/78951/8
keeho.yang [Thu, 7 Jul 2016 11:44:33 +0000 (20:44 +0900)]
update root daemon list

Change-Id: I854d89566052707a020c622ec8dc4924adb3e593

8 years ago Merge "update root list for gumd and make stable file for RC" into tizen
Kim Kidong [Thu, 7 Jul 2016 02:26:21 +0000 (19:26 -0700)]
Merge "update root list for gumd and make stable file for RC" into tizen

8 years ago add capability to muse-server 01/78801/1
Kidong Kim [Thu, 7 Jul 2016 02:22:19 +0000 (11:22 +0900)]
add capability to muse-server

Change-Id: I4577baa7aafec10da8f36e0d092dc9aa44e8c1ad
Signed-off-by: Kidong Kim <kd0228.kim@samsung.com>

8 years ago update root list for gumd and make stable file for RC 85/78785/2
keeho.yang [Thu, 7 Jul 2016 01:27:32 +0000 (10:27 +0900)]
update root list for gumd and make stable file for RC

Change-Id: Ice2cf504f5c4d1fc57d4bb737214dd8c644b18e7

8 years ago update list2 45/78645/1 accepted/tizen/common/20160707.171410 accepted/tizen/ivi/20160706.132916 accepted/tizen/mobile/20160706.132409 accepted/tizen/tv/20160706.132413 accepted/tizen/wearable/20160706.132516 submit/tizen/20160706.111307
keeho.yang [Wed, 6 Jul 2016 09:28:51 +0000 (18:28 +0900)]
update list2

Change-Id: I15e2f910fa02847b6243b36d944cb9f9af1fcd17

8 years ago Merge "update list" into tizen
Kim Kidong [Wed, 6 Jul 2016 09:22:19 +0000 (02:22 -0700)]
Merge "update list" into tizen

8 years ago Merge "Smack label check test : Check hidden files also." into tizen
Kim Kidong [Wed, 6 Jul 2016 09:22:08 +0000 (02:22 -0700)]
Merge "Smack label check test : Check hidden files also." into tizen

8 years ago update list 39/78639/1
keeho.yang [Wed, 6 Jul 2016 09:15:50 +0000 (18:15 +0900)]
update list

Change-Id: Iff9fa0badd46a5a42d5948db08d542e2ec5eee22

8 years ago Smack label check test : Check hidden files also. 34/78634/1
jin-gyu.kim [Wed, 6 Jul 2016 09:03:17 +0000 (18:03 +0900)]
Smack label check test : Check hidden files also.

Change-Id: I1d15f5ef517affd2bc835f0e89f5695741fb2f8d

8 years ago Add multimedia_fw into video. 29/78629/1
jin-gyu.kim [Wed, 6 Jul 2016 08:50:33 +0000 (17:50 +0900)]
Add multimedia_fw into video.

Change-Id: I127bb02d4bf63cbf2af74807cf9bbadc8302326f

8 years ago Merge "Fix build error in 64 bit profiles." into tizen
Kim Kidong [Wed, 6 Jul 2016 08:37:24 +0000 (01:37 -0700)]
Merge "Fix build error in 64 bit profiles." into tizen

8 years ago Merge "Insert bluetooth-share into non root list about test" into tizen
keeho yang [Wed, 6 Jul 2016 08:30:19 +0000 (01:30 -0700)]
Merge "Insert bluetooth-share into non root list about test" into tizen

8 years ago Fix build error in 64 bit profiles. 08/78608/1
jin-gyu.kim [Wed, 6 Jul 2016 08:12:02 +0000 (17:12 +0900)]
Fix build error in 64 bit profiles.

Change-Id: Ie661d328205ce1dd41991632a7b45647d69dd5cb

8 years ago Add multimedia_fw into audio 98/78598/1
jin-gyu.kim [Wed, 6 Jul 2016 07:41:40 +0000 (16:41 +0900)]
Add multimedia_fw into audio

Change-Id: Idf12bb893a09e43403753645f206114c167d6ab8

8 years ago Merge "update root_daemon_list in root_test, capability_test" into tizen
Kim Kidong [Wed, 6 Jul 2016 07:30:47 +0000 (00:30 -0700)]
Merge "update root_daemon_list in root_test, capability_test" into tizen

8 years ago update root_daemon_list in root_test, capability_test 84/78584/1
keeho.yang [Wed, 6 Jul 2016 07:13:32 +0000 (16:13 +0900)]
update root_daemon_list in root_test, capability_test

Change-Id: I8641538ce15e556db6567a7ebc0c58a68bf5826d

8 years ago Install smack_default_labeling 59/78559/1
jin-gyu.kim [Wed, 6 Jul 2016 05:37:35 +0000 (14:37 +0900)]
Install smack_default_labeling
- It sets smack label for the specific folder.
- It is executed by security-config.service

Change-Id: Ica179a7282bd18978ba22f8ad477a664106ceb84

8 years ago Merge "Set smack labels as floor in csa folder." into tizen submit/tizen/20160705.092836
Kim Kidong [Tue, 5 Jul 2016 09:27:38 +0000 (02:27 -0700)]
Merge "Set smack labels as floor in csa folder." into tizen

8 years ago Sync setuid exception list to stable and Revise order of executables in aslr exceptio... 82/78382/1
Yunjin Lee [Tue, 5 Jul 2016 09:05:24 +0000 (18:05 +0900)]
Sync setuid exception list to stable and Revise order of executables in aslr exception list for convenience

Change-Id: I378d01a997315dd765992fdda03b7592d8fae85a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>