From 7ecd22e42978c44abcfde6f29a549180e9cec436 Mon Sep 17 00:00:00 2001 From: Hyotaek Shim Date: Thu, 27 Sep 2018 15:21:31 +0900 Subject: [PATCH] Change /run/dlog/filters.d permission (Before) drwxr-xr-x 2 log log System::Run (After) drwxrwxr-x 2 log log System::Shared ... User::Pkg::org.tizen.privacy-setting System::Run rwxat ^ System::Run rwxat User System::Run rwxat User::Shell System::Run rxl System::TEF System::Run rwxat System::Privileged System::Run rwxat _ System::Run rwxat System System::Run rwxat ... User::Pkg::org.tizen.privacy-setting System::Shared rxl User System::Shared rxl User::Shell System::Shared rxl System::TEF System::Shared rwxat System::Privileged System::Shared rwxat System System::Shared rwxat /run/dlog/filters.d can only be updated by 1) 'root' shell (System::Privileged) 2) sdbd-forked processes ('log' gid + System) Change-Id: I25875e09da720ca2d7be08216e1d7b60ee999b36 Signed-off-by: Hyotaek Shim [ Added Smack's transmute xattr to ensure files under filters.d receive appropriate label. ] Signed-off-by: Karol Lewandowski --- configs/dlog-run.conf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/configs/dlog-run.conf b/configs/dlog-run.conf index ea0b15e..4e27091 100644 --- a/configs/dlog-run.conf +++ b/configs/dlog-run.conf @@ -1,5 +1,7 @@ d /run/dlog 0755 log log - - -d /run/dlog/filters.d 0755 log log - - +d /run/dlog/filters.d 0775 log log - - +t /run/dlog/filters.d 0775 log log - security.SMACK64TRANSMUTE=TRUE +t /run/dlog/filters.d 0775 log log - security.SMACK64=System::Shared d /run/dlog/priv 0700 log log - - t /run/dlog/priv 0700 log log - security.SMACK64=System d /run/dlog/priv/fifo 0700 log log - - -- 2.7.4