review.tizen.org Git - platform/core/security/security-manager.git/commit

author	Rafal Krypa <r.krypa@samsung.com>
	Mon, 31 Aug 2015 18:07:21 +0000 (20:07 +0200)
committer	Rafal Krypa <r.krypa@samsung.com>
	Wed, 2 Sep 2015 15:14:57 +0000 (17:14 +0200)
commit	db5ca0b66e160adb63e587936f05a40cc797b92d
tree	1acbe0b13dc335a6751538703131f2cf422bc96b	tree \| snapshot
parent	1afdb1628d5f84a166aa23ff41d52fe246b9c23a	commit \| diff

Adapt application file labeling to new requirements

The following changes has been made:
- application base path must now be APPS_ROOT/$pkgID, not
APPS_ROOT/$pkgID/$appID
- application base path is now enforced, no files outside base path allowed
- application base path will be labeled with User::Pkg::$pkgID, no transmute
- SECURITY_MANAGER_PATH_TYPE_RO will be labeled with User::Pkg::$pkgID::RO
- applications get a Smack rule for RO access to User::Pkg::$pkgID::RO
- SECURITY_MANAGER_PATH_PUBLIC_RO will be labeled with User::Home
- SECURITY_MANAGER_PATH_PRIVATE and SECURITY_MANAGER_PATH_PUBLIC path types

Change-Id: I2d0260effcbe8da0c0e9130b89b4b34e7e104d29
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

policy/app-rules-template.smack		diff \| blob \| history
src/common/include/service_impl.h		diff \| blob \| history
src/common/include/smack-labels.h		diff \| blob \| history
src/common/include/smack-rules.h		diff \| blob \| history
src/common/service_impl.cpp		diff \| blob \| history
src/common/smack-labels.cpp		diff \| blob \| history
src/common/smack-rules.cpp		diff \| blob \| history
src/include/security-manager.h		diff \| blob \| history