Yunjin Lee [Fri, 28 Aug 2020 06:09:50 +0000 (15:09 +0900)]
Update language files and fix wrong DID
- Update language files for network.route privilege and fix wrong DID of
it
Change-Id: I83032c7035147d3a3743eb804a0def7a426b9b34
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Aug 2020 07:36:06 +0000 (16:36 +0900)]
Release version 1.2.6
- Add core privilege: network.route
Change-Id: I15c57a880307e7574c44dffe1812c038f9f4cb58
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Aug 2020 05:14:27 +0000 (14:14 +0900)]
Add core privilege: network.route
- network.route: With this privilege, app can add or remove route table
entries.
Change-Id: Id02f70d26b954a3ce2836253e3b89900f11b60bb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 13 Aug 2020 03:57:54 +0000 (12:57 +0900)]
Release version 1.2.5
- Split APIs not to access DB while trying to access DB
- Update privacy whitelist for IoT profile
Change-Id: I5241cc0dc6d37e1fa46eb17a01eb813dd9fbc2f0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 13 Aug 2020 03:54:20 +0000 (03:54 +0000)]
Merge "Split APIs not to access DB while trying to access DB" into tizen
Yunjin Lee [Tue, 11 Aug 2020 07:13:12 +0000 (16:13 +0900)]
Split APIs not to access DB while trying to access DB
- Split some APIs access DB while trying to access DB
Change-Id: I3a840fbd15a6f4b767c7e7601f4796610d7eeb8b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 10 Aug 2020 02:09:11 +0000 (11:09 +0900)]
Update privacy whitelist for IoT profile
- Update org.tizen.wallpaper-ui-service is changed to
org.tizen.wallpaper-ui-service_common
Change-Id: Ie8609d508125c9ebee55e71a8b03d18b58e700c3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 6 Aug 2020 05:31:58 +0000 (14:31 +0900)]
Release version 1.2.4
- Add default privilege mapping for IoT profile
- Remove unused critical privilege related APIs
- Bind begin and finish transaction
- Rename privilege_info_db_row and related function
- Remove redundancy of statement evaluation
Change-Id: Ic22ea1ee19d9f0f48c607980aea26266349470f7
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 5 Aug 2020 07:45:28 +0000 (16:45 +0900)]
Add default privilege mapping for IoT profile
- Add web default privilege mapping for IoT profile. (core default
privilege mapping has no difference with common profile so there's no
update for core privilege.)
- Minimum api-version for IoT profile is native 5.0 / web & csharp 5.5.
- Fix askuser enable determination of local tc.
It refers to https://review.tizen.org/gerrit/#/c/platform/core/security/privilege-checker/+/234846/
Change-Id: I730d02d879033561b238303bd435bc0a81822db3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 23 Jul 2020 10:31:32 +0000 (19:31 +0900)]
Remove unused critical privilege related APIs
- There was a requirement at first time but was not used hence remove
all of them.
Change-Id: I6919e6c6a84ed6f20ef719d744ae22c18f279ae0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 08:15:24 +0000 (17:15 +0900)]
Bind begin and finish transaction
- Bind begin and finish transaction process as macros.
- Add retry for begin transaction.
Change-Id: I462356303732bafe1bbbba35581abcd2f6698427
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 10 Jul 2020 05:33:28 +0000 (14:33 +0900)]
Rename privilege_info_db_row and related function
- Originally privilege_info_db_row_s was made to have all privilege info
such as privilege name, level, issued and deprecaed version or so. But
the required privilege info for privilege verification was reduced to
only privilege level and now, the name is not matched to its role. Hence
rename it properly.
- struct
- AS-IS: privilege_info_db_row_s
- TO-BE: privilege_level_info_s
- functions
- AS-IS: privilege_db_manager_get_privilege_list()
- TO-BE: privilege_db_manager_get_privilege_level_info_list()
- AS-IS: free_privilege_info_db_row_list()
- TO-BE: free_privilege_level_info_list()
Change-Id: Ie72fe0fe423742bc1e7b5f12ff243dd56af23a47
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 9 Jul 2020 09:11:12 +0000 (18:11 +0900)]
Remove redundancy of statement evaluation
- Simple statement evaluation
- Remove unnecessary value assign
- Remove redundancy of sqlite3_step and modify
'do-while' to 'while'
- Add free function for list allocated by
privilege_db_manager_get_privilege_list()
- TODO: Add error check for some cases
- TODO: Integrate some sql errors
- TODO: Rename privilege_info_db_row & add functions for it
Change-Id: I2973d22e8a21bbe358a8a773da36a77306794c9d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 21 Jul 2020 03:48:04 +0000 (12:48 +0900)]
Release version 1.2.3 (modified)
- Fix potential memory leak
- Update IoT privacy whitelist
- Modify privilege verification messaging
- Revise logic to get privilege display name and description
- Fix asan build fail
- Bind repeated steps for accessing DB
- Adjust API changes to local test
Remove a commit causing cyclic dependency from the release
Change-Id: I85a479f6624f9a3ff2390e2425df6b8970a2b523
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 21 Jul 2020 02:05:30 +0000 (02:05 +0000)]
Revert "Get package cert level if there's no cert level given"
This reverts commit
cd1a5b8fb247a8a40b5a30d97c5089c94c49d3a2.
- Due to the cyclic dependency, privilege-checker can't use cert-svc APIs.
cert-svc <-> key-manager <-> security-manager <-> privilege-checker
Change-Id: I6a2a289b5c36f07b75e8188c7cc2e7a287b6f09c
Yunjin Lee [Mon, 20 Jul 2020 08:32:23 +0000 (17:32 +0900)]
Release version 1.2.3
- Fix potential memory leak
- Update IoT privacy whitelist
- Get package cert level if there's no cert level given
- Modify privilege verification messaging
- Revise logic to get privilege display name and description
- Fix asan build fail
- Bind repeated steps for accessing DB
- Adjust API changes to local test
Change-Id: If9274e94f004254dc6fb4742e1aeb8b948c25f74
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 10:05:17 +0000 (19:05 +0900)]
Fix potential memory leak
- If TRY_INIT_DB fails, string allocated by __make_privilege_list_str()
will be lost.
Change-Id: I2d7e3b9ccb6b1cf3bd4d1e18a33d6e60f9acbaeb
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Jul 2020 08:20:43 +0000 (17:20 +0900)]
Update IoT privacy whitelist
- Add org.tizen.firmware-update-ui to IoT privacy whitelist
Change-Id: Ia962a8bd1c03e2a5ae5e2d4fbf8a4d46e6c11700
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 7 Jul 2020 10:28:03 +0000 (19:28 +0900)]
Get package cert level if there's no cert level given
- To check whether the package is privacy whitelisted or not, get pkg
cert level from input param. If the given cert level is
PRVMGR_PACKAGE_VISIBILITY_NONE then get package cert level from
pkgmgr-info and certsvc.
Change-Id: I85ca805867a7a17a49eccfd3f6d6cc6edb44fc54
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 26 Jun 2020 10:01:20 +0000 (19:01 +0900)]
Modify privilege verification messaging
- Adjust function/variable name to its role.
- Remove redunant code.
- Remove build warning bypass trick.
- Make messaging logic simpler.
Change-Id: Ib5e113f147bbbaf4597da3ccb2798467f1ddbae3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Jun 2020 08:39:57 +0000 (17:39 +0900)]
Revise logic to get privilege display name and description
- Remove redundant code and branch that never passed through.
- Return NULL if the given privilege have no DID to display
- The same changes as privilege-info :
https://review.tizen.org/gerrit/#/c/platform/core/security/privilege-info/+/231441/
Change-Id: I7093d1a38970ca2a11b0933025845baed2a1e04b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 9 Jul 2020 08:01:12 +0000 (08:01 +0000)]
Merge "Fix asan build fail" into tizen
Yunjin Lee [Thu, 9 Jul 2020 02:24:07 +0000 (11:24 +0900)]
Fix asan build fail
- How to build with asan:
$ gbs build -A {architecture} --include-all --extra-packs asan-force-options,asan-build-env --define 'asan 1'
Change-Id: I4c655ac01d9061362a1cf1cc53bc6defe14bc55d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 3 Jul 2020 06:24:56 +0000 (15:24 +0900)]
Bind repeated steps for accessing DB
- Bind check query and prepare DB into a function
- Make open / prepare DB as try / return
- Leave comment for TODO
Change-Id: I16b1e150bae44829255baa49f76d349f311a352c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 22 Jun 2020 04:46:24 +0000 (13:46 +0900)]
Adjust API changes to local test
- adjust privilege_info_get_privilege_type() interface changes
- enable local test build
Change-Id: I42b7b5ef3329ffd026c576eb6510a05abfaa43a0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 16 Jun 2020 02:56:42 +0000 (11:56 +0900)]
Release version 1.2.2
- Add privilege profile type for IoT
- Add privacy whitelist for IoT profile
- Determine askuser enable by security config file
- Add IoT profile
- Add cert level to privacy whitelist table
Change-Id: I619eca0149494e3c5324f69adb7c7c1874b1b833
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 29 May 2020 07:19:49 +0000 (16:19 +0900)]
Add privilege profile type for IoT
Change-Id: Ifdd154343825e2f2783a68e955c1db8c48998d9d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 16 Jun 2020 02:49:54 +0000 (11:49 +0900)]
Add privacy whitelist for IoT profile
- Based on RPI4 IoT headed image (
20200615.1)
Change-Id: I84bc6993185b24aac3aeafc90b7f9d807f46fe4f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 29 May 2020 07:09:17 +0000 (16:09 +0900)]
Determine askuser enable by security config file
- When checking current target support askuser or not, see whether the
askuser_disable file exist or not.
- The profile file is used for checking different storage privacy support
among profiles.
Change-Id: I7be583ac275f10575220c6ace3d1dd64522c14fe
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 28 May 2020 10:52:08 +0000 (10:52 +0000)]
Merge "Add IoT profile" into tizen
Yunjin Lee [Tue, 28 Apr 2020 10:12:35 +0000 (19:12 +0900)]
Add cert level to privacy whitelist table
- Add cert_level to privacy_whitelist table to check privacy whitelisted
app by its pkgid and cert level
Change-Id: Idcb6d3e8f1936b08b226115cf6a33dde52b88970
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 28 May 2020 06:56:56 +0000 (15:56 +0900)]
Release version 1.2.1
- Fix asan build error
- Modify privilege_info_get_privilege_type() interface
Change-Id: If22254236bc8857ccf895643ba0708b89664be8c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 27 May 2020 05:54:15 +0000 (14:54 +0900)]
Fix asan build error
- How to build with ASan:
gbs build -A {architecture} --include-all --extra-packs asan-force-options,asan-build-env --define 'asan 1'
Change-Id: I3f3ffcc29d1b75c7ee08024688399df27320567f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 28 Apr 2020 11:46:09 +0000 (20:46 +0900)]
Add IoT profile
- Provides security-privilege-manager-extension_iot rpm
- Privileges of IoT profile are on the basis of common profile
- TODO: Add privacy whitelist data file for IoT profile
Change-Id: I8aa77524fe2ae74374032f714cc5c972e17035ab
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 3 Apr 2020 03:49:18 +0000 (12:49 +0900)]
Modify privilege_info_get_privilege_type() interface
- Add package type and cert level to privilege_info_get_privilege_type()
parameters.
- Add enum value to privilege_manager_visibility_e for cert level
unknown.
- TODO: Fix testcase accordingly.
- TODO: Fix logic to use cert level to determine privilege type.
Change-Id: I339bda66c77efffccbbb23f0b8b19c2fe798e207
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 13 Apr 2020 10:17:05 +0000 (19:17 +0900)]
Release version 1.2.0
- Add core privilege: notification.admin
- Update privacy whitelist
Changes numbering due to the differentiate older branches code.
Older branch(tizen_5.5) will continue to use 1.1.x and
current branch will use 1.2.x.
Change-Id: I2eabbcd7814da46c379c687eb6a39732c99d1b7c
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 7 Apr 2020 04:10:42 +0000 (13:10 +0900)]
Add core privilege: notification.admin
- notification.admin: Application with this privilege can manage
notifications. For example, the app can get all notificaitons and
update, delete or hide them.
Change-Id: Ie6d215c7120a3550df9be9050b9cd22ff0020bc9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Shinwoo Kim [Mon, 6 Apr 2020 02:49:45 +0000 (11:49 +0900)]
Update privacy whitelist
Application ID has been changed
from org.tizen.accessibility-setting-wearable/mobile
to org.tizen.accessibility-setting-profile_wearable/mobile
Change-Id: I311f1d466c4e04c3d10e62f9497ba1b5430fb192
Signed-off-by: Shinwoo Kim <cinoo.kim@samsung.com>
Yunjin Lee [Tue, 31 Mar 2020 07:04:30 +0000 (16:04 +0900)]
Release version 1.1.11
- Update language files
Change-Id: Ic664c080e10258d008ecc6d09d6fbc4f683b259f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 31 Mar 2020 06:31:41 +0000 (06:31 +0000)]
Revert "Release version 1.1.11"
This reverts commit
a9bef8c7e9704c9d6e8be79c194e58f27cf68af4.
Change-Id: I970dc36a10149857fc33a14217074e069802e6b3
Yunjin Lee [Mon, 30 Mar 2020 08:25:53 +0000 (17:25 +0900)]
Release version 1.1.11
- Update language files
Change-Id: I7d0a7361a38ce407b82968fc2c6030d1ab38d140
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 30 Mar 2020 08:18:28 +0000 (17:18 +0900)]
Update language files
- WDS_TPLATFORM_BODY_THIS_APP_CAN_RETRIEVE_TELEPHONY_INFORMATION_SUCH_AS_THE_NETWORK_AND_SIM_CARD_USED_AND_THE_STATUSES_OF_CALLS
- WDS_TPLATFORM_BODY_THIS_APP_CAN_READ_YOUR_DEVICES_IMEI_MEID_AND_ICCID
Change-Id: I280c6b81281673e1f3cdc188a059e92aa07223e2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 21 Feb 2020 02:26:07 +0000 (11:26 +0900)]
Release version 1.1.10
- Remove disabled pakcages from privacy package list
Change-Id: I4bcb919c6e918277714df53c4a185a98c4782408
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 20 Feb 2020 07:43:04 +0000 (16:43 +0900)]
Remove disabled pakcages from privacy package list
- Modify package list returned by following APIs not to include disabled
packages.
- privilege_package_info_get_package_list_by_privacy()
- privilege_package_info_get_all_privacy_package_list()
Change-Id: Ib1de0d07d0c3b395dec05bbfbf9774506e94f8a9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 29 Jan 2020 06:40:08 +0000 (15:40 +0900)]
Release version 1.1.9
- Add null check before strdup()
Change-Id: Iaf7dd06ba9318d1d11e9902c08c5d089327896ec
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 29 Jan 2020 06:33:50 +0000 (15:33 +0900)]
Add null check before strdup()
Change-Id: I9779bb2ef4f827b591edb0d5226354cdc6fbbe8b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 11:10:09 +0000 (20:10 +0900)]
Release version 1.1.8
- Add gcc version check for diagnostic pragmas
Change-Id: I5c14604209f91b07a02cf78fc4e6a9f6e14a8397
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 10:43:18 +0000 (19:43 +0900)]
Add gcc version check for diagnostic pragmas
- Add gcc version check for diagnostics that are not supported at lower gcc version
Change-Id: I1f4c9160d475f395a7e61f03980580043c1a8e6d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 09:34:57 +0000 (18:34 +0900)]
Release version 1.1.7
- Fix build errors from toolchain upgrade (gcc & iniparser)
- Fix remained build errors from toolchain upgrade (gcc)
Change-Id: Id015fa870c47475bb4b3b6f7d2837282012e4a83
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 09:59:07 +0000 (18:59 +0900)]
Fix remained build errors from toolchain upgrade (gcc)
- Fix errors that are remained, not checked from previous obs logs
Change-Id: I3293d0993a9c89205bfd4c5bef24c3a3d9b4c5cf
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 8 Jan 2020 08:45:38 +0000 (17:45 +0900)]
Fix build errors from toolchain upgrade (gcc & iniparser)
Change-Id: I86b18f1d24b9aa5ce2515df8c4f58f2e740257d8
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 27 Dec 2019 02:17:16 +0000 (11:17 +0900)]
Release version 1.1.6
- Update DID of telephony and securesysteminfo privilege
Change-Id: Icc4ef7bdcf37b453bb03dcb32b8202c6ed20cef9
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 26 Dec 2019 08:50:05 +0000 (17:50 +0900)]
Update DID of telephony and securesysteminfo privilege
Change-Id: I41577c3329dfb0a7d5cff5f5956dcc34ca600bd3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Nov 2019 07:10:04 +0000 (16:10 +0900)]
Release version 1.1.5
- Update language files
Change-Id: Ibf303b0501363ac8bef2a64b86ef8fad11799622
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 26 Nov 2019 07:09:44 +0000 (16:09 +0900)]
Update language files
Change-Id: Ib774ee6ad9aac6306d7867dbbdbf02307d8ab306
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 23 Oct 2019 02:35:09 +0000 (11:35 +0900)]
Release version 1.1.4
- Update mobile/wearable privacy whitelist
- Update language files and set duid privacy DID
Change-Id: I21614b95b7c57b8a59536bdf99317efb0afd3ada
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 23 Oct 2019 02:27:40 +0000 (11:27 +0900)]
Update language files and set duid privacy DID
Change-Id: Ieb2c00ef8ea813f0843cf89d5c6e3a240986bcf3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 17 Oct 2019 09:03:24 +0000 (18:03 +0900)]
Update mobile/wearable privacy whitelist
- tizen-unified_20191016.1 (TM1, TW3)
Change-Id: I7dd2246d0416045b2135a27832a0fcab5dadd68a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 11 Oct 2019 07:28:28 +0000 (16:28 +0900)]
Release version 1.1.3
- Add core privileges: securesysteminfo, voicecontrol.tts and new privacy: duid
Change-Id: I81b967162777b7827202194506f70e966af8f00a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 11 Oct 2019 07:23:26 +0000 (16:23 +0900)]
Add core privileges: securesysteminfo, voicecontrol.tts and new privacy: duid
- securesysteminfo: This privilege allows app to read non-resettable
secure deivce information such as IMEI.
- voicecontrol.tts: This privilege allows app to request voice control
engine to synthesize text to speech using its own voice.
- duid: Privacy related to device unique IDs
Change-Id: I9f6942b0e867db0989f44e791a60ffc5ab8304d7
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 30 Sep 2019 02:03:51 +0000 (11:03 +0900)]
Release version 1.1.2
- Fix mapping version of privileges
Change-Id: I8a315efe6f7621bcb7fbc86ef4bca7f3ee2a14d2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 10 Sep 2019 02:44:27 +0000 (11:44 +0900)]
Fix mapping version of privileges
- Fix mapping version of native privileges as 2.3 to 9.9 and mapping
version of web privileges as 2.2.1 to 9.9 except special cases.
Change-Id: I15c91284b8c55b94791950cbf7c72e74cd558b32
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 19 Aug 2019 07:32:12 +0000 (16:32 +0900)]
Release version 1.1.1
- Use pkgmgrinfo_pkginfo_get_usr_pkginfo() when getting package info
- Update privacy whitelist
- Map default privileges for common profile
Change-Id: I4cdcaf220b4d8e2bcf7274a791d6d1d5cc9f1e6b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 21 Aug 2019 01:21:04 +0000 (10:21 +0900)]
Map default privileges for common profile
- Default privileges should be mapped for all profiles so modified it to
map for common profile.
Change-Id: Ia2c0fd91926d01e4c7a43de76a342a20fa121278
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 17 May 2019 08:12:57 +0000 (17:12 +0900)]
Update privacy whitelist
- Based on
20190819.1 tm1 and tw3
Change-Id: If631f3934a6e75c5e22b619088df02e608945ce5
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 28 Jun 2019 04:06:59 +0000 (13:06 +0900)]
Use pkgmgrinfo_pkginfo_get_usr_pkginfo() when getting package info
Change-Id: Ia3314369c52786f010d48c268a71025872acef08
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Jun 2019 08:33:31 +0000 (17:33 +0900)]
Release version 1.1.0
Updated release version not to conflict with old branch's
- Add required packages in spec file
- Add function to free privilege list
Change-Id: I1d78b61f249a4c6eb83b26dc5817ea1cf81bbb7f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 18 Jun 2019 07:25:32 +0000 (16:25 +0900)]
Add function to free privilege list
- Add function to free privilege list, dynamically allocated by
privilege_manager, privilege_info, privilege_db_manager APIs and updated
header description accordingly.
Change-Id: I56a711716eb06cc41e795d544090a763a596898d
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
jin-gyu.kim [Mon, 29 Apr 2019 05:41:23 +0000 (14:41 +0900)]
Add required packages in spec file.
- To work policy_db_updater.sh properly, requires packages.
Change-Id: I660c1a056edfec6fbe42c77b19f8ae66b31cb39b
Yunjin Lee [Fri, 26 Apr 2019 02:01:07 +0000 (11:01 +0900)]
Release version 1.0.12
- Update privilege description and language files
Change-Id: I145be59de97bfb265cdef2f0f96d03e2afef7eb3
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 26 Apr 2019 01:57:48 +0000 (10:57 +0900)]
Update privilege description and language files
Change-Id: I2e42b7a2f4f0e665b3e3d131940888f1733e43d0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 18 Apr 2019 04:12:45 +0000 (13:12 +0900)]
Release version 1.0.11
- Fix to finalize stmt
Change-Id: I51c75d031b67e58fcafd86d7ec4216e0b6a81de6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 18 Apr 2019 01:58:38 +0000 (10:58 +0900)]
Fix to finalize stmt
Change-Id: Icc92f7a991a6cfd76f111c5927c3bda18be5ce76
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 15 Apr 2019 04:12:04 +0000 (13:12 +0900)]
Release version 1.0.10
- Add core privilege: d2d.datasharing, d2d.remotelaunch
Change-Id: Ia0558f744fa0eaae5499792c5c8f3c54b90f4547
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 11 Apr 2019 08:18:00 +0000 (17:18 +0900)]
Add core privilege: d2d.datasharing, d2d.remotelaunch
- d2d.datasharing: Application with this privilege can share data with
other devices
- d2d.remotelaunch: Application with this privilege can be launched by
applications on other devices
Change-Id: I19f714329027d5e9d3c7ba9e85276b8834d629dc
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 27 Feb 2019 09:29:11 +0000 (18:29 +0900)]
Release version 1.0.9
- Remove unused APIs
- Add core privilege: windowsystem.admin
Change-Id: I851726bf4029d80bfe339c6e803d807e58a7d29a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 27 Feb 2019 09:24:23 +0000 (18:24 +0900)]
Add core privilege: windowsystem.admin
- The application with this privilege can change the settings for
services provided by display server, such as the quick panel and
softkey bar.
Change-Id: Ib1f09a62f0ca3938565c34922159706b7340165a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 14 Feb 2019 06:21:40 +0000 (15:21 +0900)]
Remove unused APIs
- APIs for runtime MDM blacklist set/unset have never been used and will not be
used anymore. Hence remove them.
Change-Id: I3f71e2df483424220d5856856560d6cc3fbf958b
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 14 Feb 2019 06:39:29 +0000 (15:39 +0900)]
Release version 1.0.8
- Fix mapping version according to the former record
- Update privacy whitelist
Change-Id: Ib4c89568fb0d6106cec31c4bfdbbf9375cfa5cef
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 15 Feb 2019 05:58:38 +0000 (14:58 +0900)]
Update privacy whitelist
Change-Id: If646845e9125dd6cc3afcf4db8fe86e12ebd2896
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 14 Jan 2019 04:18:59 +0000 (13:18 +0900)]
Fix mapping version according to the former record
- Mapping version was fixed as 2.3 to 9.9 for native and 2.2.1 to 9.9
for web from platform version 5.0. Fix those versions to real first
issued version and last deprecated version according to the record.
- Note: web nfc.admin privilege was deprecated since 2.3 but not
reported to the security team at that time. Hence we fixed deprecated
version of the web nfc.admin as 5.0.
Change-Id: I850e7f79ec71a5b4de1b36c6c522c6b9fafc84b2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Dec 2018 06:46:17 +0000 (15:46 +0900)]
[1.0.7] Fix language file build error
Change-Id: I2385ebc84c3a9ca87387d0c97f87407d3621a9d4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 19 Dec 2018 01:32:47 +0000 (10:32 +0900)]
Release version 1.0.7
- Add core privilege : autofillmanager
- Add internal privilege for systemsettings
- Change mapping table of web filesystem.read and filesystem.write
- Fix to check return value
Change-Id: Ib80886509ef473a955ea922547711bf63aaaa952
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Kim Kidong [Wed, 19 Dec 2018 01:20:46 +0000 (01:20 +0000)]
Merge "Fix to check return value" into tizen
Yunjin Lee [Tue, 18 Dec 2018 05:37:13 +0000 (14:37 +0900)]
Change mapping table of web filesystem.read and filesystem.write
- Add core privilege filesystem.read and filesystem.write to resolve
native and web privilege level mismatch.
- Web filesystem.read and filesystem.write are public level
privilege and native systemsettings.admin is platform level
privilege. They were mapped because of the 2.X smack rules but
checked that Web filesystem.read/write privileged device APIs are
not wrappers of native systemsetting.admin privileged APIs. Hence
add core privilege for filesystem.read and write separately and
remove mapping to the systemsettings.admin.
Change-Id: I3fcef8aea58a0292e8b8accb4692b14ba3eb36af
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 18 Dec 2018 05:34:51 +0000 (14:34 +0900)]
Add internal privilege for systemsettings
- Add internal privilege for systemsettings and change mapping table
to resolve native and web privilege level mismatch issue
Change-Id: I25a3c313ff4afedc67b294d0971e84a4ae87f7bf
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 18 Dec 2018 05:03:29 +0000 (14:03 +0900)]
Add core privilege : autofillmanager
- The application with this privilege can manage installed autofill services.
It can set which autofill service to use and get the currently configured autofill
service.
Change-Id: I733b08eb9f5faa79f1c8a502dc72d7c666810134
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 6 Dec 2018 02:01:20 +0000 (11:01 +0900)]
Fix to check return value
- Check return value of sqlite3_exec() for begin and commit
transaction.
Change-Id: I887340a7c7485ea06d898473393655d75641b9bc
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
(cherry picked from commit
b77f85bacb993469df47ae1a043024f2cc84c02a)
Yunjin Lee [Tue, 18 Sep 2018 06:28:30 +0000 (15:28 +0900)]
Release version 1.0.6
- Fix typo in privilege mapping table
Change-Id: Ic6671838a909604b790fb8b860373f1310fc30fa
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 18 Sep 2018 06:26:56 +0000 (15:26 +0900)]
Fix typo in privilege mapping table
Change-Id: Ib2cf449858c8d64fc572b3dfd0741908c32029e0
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 17 Sep 2018 04:55:59 +0000 (13:55 +0900)]
Release version 1.0.5
- Add core privilege: permission.check
Change-Id: I77f0bce2eff45b77c91b6e9c6b4591eadb8a9755
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 17 Sep 2018 04:29:37 +0000 (13:29 +0900)]
Add core privilege: permission.check
- permission.check allows app to get other apps' permission status
Change-Id: I3429479579eef94edff7a4b1534bcc22883c055a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 4 Sep 2018 06:04:55 +0000 (15:04 +0900)]
Release version 1.0.4
- Add core privilege: updatecontrol.admin
- Fix typo in tool and guide
- Web app with api_version 4.0 will have storage privileges by default
on mobile/tv profile
Change-Id: I09bf84be43dd50228dd49007dbfa1c9f681012c2
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Tue, 4 Sep 2018 05:39:56 +0000 (14:39 +0900)]
Add core privilege: updatecontrol.admin
Change-Id: If1e3189606da462782cbae64a53ab2d0692991ae
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Mon, 20 Aug 2018 07:56:21 +0000 (16:56 +0900)]
Fix typo in tool and guide
- Fix typo in privilege update tool
- Fix typo and add white spaces for new line
Change-Id: I78c7c9398accf4787ee0533e74cf79efd1d4c93f
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Fri, 30 Mar 2018 04:44:32 +0000 (13:44 +0900)]
Web app with api_version 4.0 will have storage privileges by default on mobile/tv profile
- Map web storage privileges to 4.0 by default for mobile/tv profile
- Modify web storage privileges's mapping from messaging.read, write according to the profile
- Change API privilege_package_info_is_privacy_requestable() to get privilege as input parameter
- Policy type of storage privacy on installation time
_______|___|____Mobile____|___Wearable___|___TV____|
|3.0| Allow | Allow | Allow |
Native |4.0| Ask | Ask | Allow |
_______|5.0|_Ask__________|_Ask__________|_Allow___|
|3.0| Allow | Allow | Allow |
Web |4.0| Allow | Ask | Allow |
_______|5.0|_Ask__________|_Ask__________|_Allow___|
Change-Id: I4b2981353ee309f8114b8df06d98af67c23a86b6
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Kim Kidong [Tue, 14 Aug 2018 02:08:17 +0000 (02:08 +0000)]
Merge "Release version 1.0.3" into tizen
Yunjin Lee [Tue, 14 Aug 2018 01:55:12 +0000 (10:55 +0900)]
Release version 1.0.3
- Modify privacy status related APIs
- Fix test code to work properly
- Remove profile from privacy info
- Modify privilege update tool
- Fix test code
Change-Id: I6aeea9839ee7bdf43ecd1c02e674e17de94db555
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Thu, 26 Jul 2018 05:08:39 +0000 (14:08 +0900)]
Fix test code
- Use chromium-efl app when testing privilege_info_get_privilege_type():
It's installed on both mobile and wearable profile.
Change-Id: I4be1350ea961ab6f12feefe46d5e4bc16b1f8ba4
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>
Yunjin Lee [Wed, 25 Jul 2018 10:47:11 +0000 (19:47 +0900)]
Modify privilege update tool
- Fix typo in the guide/guide message
- Change usertype asterisk handling
- Do only necessary updates instead of running security-manager-policy-reload
Change-Id: I3f38cd09ad760dbb5ef48d1960e04a206d6d430a
Signed-off-by: Yunjin Lee <yunjin-.lee@samsung.com>