From 728eb26dbdc0ec4e2f0975c3c8701ae827f92fd3 Mon Sep 17 00:00:00 2001
From: Rafal Krypa <r.krypa@samsung.com>
Date: Thu, 3 Sep 2015 14:20:49 +0200
Subject: [PATCH] Fix labeling of SECURITY_MANAGER_PATH_RW paths

- Don't set exec label on executables. Smack label should be set only by
  launcher. Also that exec label was wrong. Apps run with appId-based label,
  not pkgId-based.
- Set transmute attribute. To keep all files in SECURITY_MANAGER_PATH_RW
  labeled with pkgId-based label, directories must be transmutable.

Change-Id: I3ce69ae70796d2d591b57c75bd175c9c3ea99028
Signed-off-by: Rafal Krypa <r.krypa@samsung.com>
---
 src/common/smack-labels.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/common/smack-labels.cpp b/src/common/smack-labels.cpp
index c01d555..d90abbb 100644
--- a/src/common/smack-labels.cpp
+++ b/src/common/smack-labels.cpp
@@ -135,8 +135,8 @@ void setupPath(const std::string &pkgId, const std::string &path, app_install_pa
     switch (pathType) {
     case SECURITY_MANAGER_PATH_RW:
         label = zoneSmackLabelGenerate(generatePkgLabel(pkgId), zoneId);
-        label_executables = true;
-        label_transmute = false;
+        label_executables = false;
+        label_transmute = true;
         break;
     case SECURITY_MANAGER_PATH_RO:
         label = zoneSmackLabelGenerate(generatePkgROLabel(pkgId), zoneId);
-- 
2.7.4