From 71318efaa23a8708ace338ca6977058fbaa4de62 Mon Sep 17 00:00:00 2001 From: Jiyong Min Date: Fri, 20 May 2016 10:00:58 +0900 Subject: [PATCH] Modify User/Group for media-controller to enhance security Change-Id: I15d9a5da4a9117eb6a80f4ad178d89507d3d0c65 Signed-off-by: Jiyong Min --- packaging/capi-media-controller.spec | 8 +++----- packaging/mediacontroller.service | 2 ++ packaging/mediacontroller.socket | 2 ++ 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/packaging/capi-media-controller.spec b/packaging/capi-media-controller.spec index 20cb364..3fad5a1 100644 --- a/packaging/capi-media-controller.spec +++ b/packaging/capi-media-controller.spec @@ -1,6 +1,6 @@ Name: capi-media-controller Summary: A media controller library in Tizen Native API -Version: 0.1.19 +Version: 0.1.20 Release: 1 Group: Multimedia/API License: Apache-2.0 @@ -100,9 +100,7 @@ install -m 0775 %{SOURCE1001} %{buildroot}%{_bindir}/media-controller_create_db. %endif %post -%if 0%{?multi_user} -chgrp %TZ_SYS_USER_GROUP %{_bindir}/media-controller_create_db.sh -%endif + %postun %files @@ -118,7 +116,7 @@ chgrp %TZ_SYS_USER_GROUP %{_bindir}/media-controller_create_db.sh %{_bindir}/media-controller_create_db.sh %endif %manifest media-controller-service.manifest -%defattr(-,system,system,-) +%defattr(-,multimedia_fw,multimedia_fw,-) %{_unitdir}/mediacontroller.service %{_unitdir}/mediacontroller.socket %{_unitdir}/sockets.target.wants/mediacontroller.socket diff --git a/packaging/mediacontroller.service b/packaging/mediacontroller.service index f8fd79d..fc2b419 100755 --- a/packaging/mediacontroller.service +++ b/packaging/mediacontroller.service @@ -2,6 +2,8 @@ Description=Media controller [Service] +Owner=multimedia_fw +Group=multimedia_fw ExecStart=/usr/bin/mediacontroller Type=simple diff --git a/packaging/mediacontroller.socket b/packaging/mediacontroller.socket index 04ff4ec..af9d83a 100644 --- a/packaging/mediacontroller.socket +++ b/packaging/mediacontroller.socket @@ -2,6 +2,8 @@ Description=MediaController Service socket [Socket] +SocketOwner=multimedia_fw +SocketGroup=multimedia_fw ListenStream=/run/.mediacontroller.sock Service=mediacontroller.service -- 2.7.4