From 629cac68c11d81ddf072758f44fffb2d95015822 Mon Sep 17 00:00:00 2001
From: Youngsoo Choi <kenshin.choi@samsung.com>
Date: Thu, 7 Jan 2021 18:52:40 -0800
Subject: [PATCH] [Service] Sync with the latest security changes from tizen
 6.5

The latest security changes are synced from tizen 6.5.

Note that the fs module control is not needed anymore
because of thread based smack label.

Together with:
https://review.tizen.org/gerrit/257363

Change-Id: Ie0f4717b8074e773b4b9467cc89d8be3dd9976f2
Signed-off-by: Youngsoo Choi <kenshin.choi@samsung.com>
---
 wrt_app/service/access_control_manager.ts | 19 -------------------
 wrt_app/service/device_api_router.ts      | 19 -------------------
 2 files changed, 38 deletions(-)

diff --git a/wrt_app/service/access_control_manager.ts b/wrt_app/service/access_control_manager.ts
index ae6883a7..99746711 100644
--- a/wrt_app/service/access_control_manager.ts
+++ b/wrt_app/service/access_control_manager.ts
@@ -138,22 +138,3 @@ export function initialize(packageId:string, appId:string, permissions: string[]
     checkSystemInfoApiPrivilege(tizen.systeminfo.addPropertyValueArrayChangeListener, permissions);
 
 }
-
-export function refineResolveFilename(packageId: string, permissions: string[]) {
-  const originalResolveFilename = Module._resolveFilename;
-  Module._resolveFilename = function(...args: any[]) {
-    let path = '';
-    if (args[0] === 'fs') {
-      path = originalResolveFilename('fs_tizen', args[1], args[2]);
-    } else if (isNetworkModule(args[0]) &&
-        !permissions.includes("http://tizen.org/privilege/internet")) {
-      throw new Error('The internet permission is missing.');
-    } else {
-      path = originalResolveFilename(...args);
-    }
-    if (path.startsWith('/') && !wrt.security?.checkSmack(packageId, path, 'r'))
-      throw new Error(`Invalid access to ${path}`);
-    return path;
-  }
-  Object.defineProperty(Module, '_resolveFilename', { writable: false });
-}
diff --git a/wrt_app/service/device_api_router.ts b/wrt_app/service/device_api_router.ts
index 93a1d461..8012bcc7 100644
--- a/wrt_app/service/device_api_router.ts
+++ b/wrt_app/service/device_api_router.ts
@@ -38,7 +38,6 @@ export class DeviceAPIRouter {
       this.refineFilesystemApis()
       this.initAccessControlManager();
       this.refineXwalkUtilApis();
-      this.refineResolveFilename();
     }
   }
 
@@ -73,7 +72,6 @@ export class DeviceAPIRouter {
     this.initEdgeWebapis();
     this.initMDEWebapis();
     this.initProductWebapis();
-    this.initSecurityWebapis();
   }
 
   initEdgeWebapis() {
@@ -189,23 +187,6 @@ export class DeviceAPIRouter {
     }
   }
 
-  initSecurityWebapis() {
-    if (wrt['security'] && !global.webapis.security) {
-      let security = wrt.security as NativeWRTjs.SecurityExtension;
-      global.webapis.security = {
-        checkSmack: (packageId: string, path: string, type: string) => {
-          let smackMap = this.smackMap;
-          if (smackMap[path] !== undefined && smackMap[path][type] !== undefined)
-            return smackMap[path][type];
-          if (smackMap[path] === undefined)
-            smackMap[path] = {};
-          return smackMap[path][type] = security.checkSmack(packageId, path, type);
-        }
-      }
-      Object.defineProperty(global.webapis, 'security', { writable: false, enumerable: true });
-    }
-  }
-
   initAccessControlManager() {
     console.log(`permissions : ${this.permissions}`);
     const AccessControlManager = require('./access_control_manager');
-- 
2.34.1