Fix labeling of SECURITY_MANAGER_PATH_RW paths

- Don't set exec label on executables. Smack label should be set only by
  launcher. Also that exec label was wrong. Apps run with appId-based label,
  not pkgId-based.
- Set transmute attribute. To keep all files in SECURITY_MANAGER_PATH_RW
  labeled with pkgId-based label, directories must be transmutable.

Change-Id: I3ce69ae70796d2d591b57c75bd175c9c3ea99028
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>

diff --git a/src/common/smack-labels.cpp b/src/common/smack-labels.cpp
index c01d555..d90abbb 100644 (file)
--- a/src/common/smack-labels.cpp
+++ b/src/common/smack-labels.cpp
@@ -135,8 +135,8 @@ void setupPath(const std::string &pkgId, const std::string &path, app_install_pa
     switch (pathType) {
     case SECURITY_MANAGER_PATH_RW:
         label = zoneSmackLabelGenerate(generatePkgLabel(pkgId), zoneId);
-        label_executables = true;
-        label_transmute = false;
+        label_executables = false;
+        label_transmute = true;
         break;
     case SECURITY_MANAGER_PATH_RO:
         label = zoneSmackLabelGenerate(generatePkgROLabel(pkgId), zoneId);