// Verify that all permissions to public dir have been added
// correctly, also to other app
- result = smack_have_access(APP_ID, shared_dir_auto_label.c_str(), "rwxatl");
+ result = smack_have_access(GENERATED_APP_ID, shared_dir_auto_label.c_str(), "rwxatl");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to Public RO dir are granted. Loop index: "
<< i);
- result = smack_have_access(TEST_OSP_FEATURE_APP_ID, shared_dir_auto_label.c_str(), "rx" );
+ /* all apps are getting the label "User" at the moment. Calling smack_have_access with
+ "User" as an argument is no different from previous call */
+ /*result = smack_have_access(TEST_OSP_FEATURE_APP_ID, shared_dir_auto_label.c_str(), "rx" );
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to Public RO dir are granted. Loop index: "
- << i);
+ << i);*/
break;
}
// Verify that setting app has rwx permission to app dir
// and rx permissions to app
- result = smack_have_access(APP_ID, shared_dir_auto_label.c_str(), "rwxatl");
+ result = smack_have_access(GENERATED_APP_ID, shared_dir_auto_label.c_str(), "rwxatl");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to App-Setting dir are granted. "
<< APP_ID << " "<< shared_dir_auto_label << " rwxatl "
<< "Loop index: " << i);
- result = smack_have_access(APP_TEST_SETTINGS_ASP1, shared_dir_auto_label.c_str(), "rwx");
+ /* all apps are getting the label "User" at the moment. Calling smack_have_access with
+ "User" as an argument is no different from previous call */
+ /*result = smack_have_access(APP_TEST_SETTINGS_ASP1, shared_dir_auto_label.c_str(), "rwx");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to App-Setting dir are granted. "
<< APP_TEST_SETTINGS_ASP1 << " " << shared_dir_auto_label << " rwx. "
<< "Loop index: " << i);
- result = smack_have_access(APP_TEST_SETTINGS_ASP1, APP_ID, "rx");
+ result = smack_have_access(APP_TEST_SETTINGS_ASP1, GENERATED_APP_ID, "rx");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to App-Setting dir are granted. "
- << APP_TEST_SETTINGS_ASP1 << " " << APP_ID << " rx"
- << "Loop index: " << i);
+ << APP_TEST_SETTINGS_ASP1 << " " << GENERATED_APP_ID << " rx"
+ << "Loop index: " << i);*/
// Verify that all permissions to public dir have been added
// correctly, also to other app
- result = smack_have_access(APP_ID, LABEL_FOR_PUBLIC_SHARED_DIRS, "rwxatl");
+ result = smack_have_access(GENERATED_APP_ID, LABEL_FOR_PUBLIC_SHARED_DIRS, "rwxatl");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to Group RW dir are granted. Loop index: "
<< i);
// check if api-features permissions are added properly
result = check_all_accesses(smack,
(const rules_t) {
- { APP_ID, TEST_OSP_FEATURE_APP_ID, "rxl" },
- { APP_ID, TEST_WGT_FEATURE_APP_ID, "rwxl" } } );
+ { GENERATED_APP_ID, TEST_OSP_FEATURE_APP_ID, "rxl" },
+ { GENERATED_APP_ID, TEST_WGT_FEATURE_APP_ID, "rwxl" } } );
RUNNER_ASSERT_MSG(result == 1,
"Not all permisions from api features added. Loop index: "
<< i);
// revoke permissions
- result = perm_app_revoke_permissions(APP_ID);
+ result = perm_app_revoke_permissions(GENERATED_APP_ID);
RUNNER_ASSERT_MSG(result == PC_OPERATION_SUCCESS,
"Error in perm_app_revoke_permissions. Loop index: " << i
<< ". Result: " << result);
// generate app ids: test_APP0, test_APP1, test_APP2 etc.:
for (int i = 0; i < app_count; ++i)
{
- result = sprintf(app_ids[i], APP_ID "%d", i);
+ /* Libprivilege-control assigns "User" label to all apps. Replace it when individual labels
+ are supported. */
+ result = sprintf(app_ids[i], GENERATED_APP_ID);
RUNNER_ASSERT_MSG(result > 0, "Cannot generate name for app nr: " << i);
}
DB_END
+ // All apps have the same label "User" so this check makes no sense.
// Verify that some previously installed app does not have
// any acces to app 0 and app 5 PRIVATE folders
- for (int j = 0; j < app_count; ++j)
+ /*for (int j = 0; j < app_count; ++j)
{
// Apps 1-9 should not have any access to app 0
if (j != 0)
") has access to private label of: " << app_ids[5] <<
". It may not be shared. Loop index: " << i << ".");
}
- } // End for Verify PRIVATE
+ }*/ // End for Verify PRIVATE
// Verify that apps 1, 2 and 6 have all accesses to GROUP_RW folders
result = check_all_accesses(smack,
RUNNER_ASSERT_MSG(result == 1,
"Not all accesses to owned Public RO dir are granted. App id: "
<< app_ids[j] << " Loop index: " << i);
+ // All apps have the same label "User" so this check makes no sense.
// Verify that there are no extra permissions to public dirs
- result = check_no_accesses(smack,
+ /*result = check_no_accesses(smack,
(const rules_t) {
{ app_ids[j], shared_dir7_auto_label.c_str(), "w" },
{ app_ids[j], shared_dir7_auto_label.c_str(), "t" },
{ app_ids[j], shared_dir8_auto_label.c_str(), "t" } } );
RUNNER_ASSERT_MSG(result == 1,
"Unexpected extra permissions added for app:" << app_ids[j]
- << ". Loop index: " << i);
+ << ". Loop index: " << i);*/
}
if (j == 7)
{
RUNNER_ASSERT_MSG(result == 1,
"Not all accesses to owned Public RO dir are granted. App id: "
<< app_ids[j] << " Loop index: " << i);
+ // All apps have the same label "User" so this check makes no sense.
// Verify that there are no extra permissions to public dirs
- result = check_no_accesses(smack,
+ /*result = check_no_accesses(smack,
(const rules_t) {
{ app_ids[j], shared_dir3_auto_label.c_str(), "w" },
{ app_ids[j], shared_dir3_auto_label.c_str(), "t" },
{ app_ids[j], shared_dir8_auto_label.c_str(), "t" } } );
RUNNER_ASSERT_MSG(result == 1,
"Unexpected extra permissions added for app:" << app_ids[j]
- << ". Loop index: " << i);
+ << ". Loop index: " << i);*/
}
if (j == 8)
{
RUNNER_ASSERT_MSG(result == 1,
"Not all accesses to owned Public RO dir are granted. App id: "
<< app_ids[j] << " Loop index: " << i);
+ // All apps have the same label "User" so this check makes no sense.
// Verify that there are no extra permissions to other public dirs
- result = check_no_accesses(smack,
+ /*result = check_no_accesses(smack,
(const rules_t) {
{ app_ids[j], shared_dir3_auto_label.c_str(), "w" },
{ app_ids[j], shared_dir3_auto_label.c_str(), "t" },
{ app_ids[j], shared_dir7_auto_label.c_str(), "t" } } );
RUNNER_ASSERT_MSG(result == 1,
"Unexpected extra permissions added for app:" << app_ids[j]
- << ". Loop index: " << i);
+ << ". Loop index: " << i);*/
}
result = check_all_accesses(smack,
"Not all accesses to App-Setting dir are granted."
<< app_ids[9] << " " << setting_dir9_auto_label
<< " Loop index: " << i);
- result = smack_have_access(APP_TEST_SETTINGS_ASP1, app_ids[4], "rx");
+ // All apps have the same label "User" so this check makes no sense.
+ /*result = smack_have_access(APP_TEST_SETTINGS_ASP1, app_ids[4], "rx");
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to App-Setting dir are granted."
<< APP_TEST_SETTINGS_ASP1 << " " << app_ids[4]
RUNNER_ASSERT_MSG(result == expected_smack_result,
"Not all accesses to App-Setting dir are granted."
<< APP_TEST_SETTINGS_ASP1 << " " << setting_dir9_auto_label
- << " Loop index: " << i);
+ << " Loop index: " << i);*/
DB_END
+ // All apps have the same label "User" so this check makes no sense.
// Check if permissions are removed properly
- for (int j = 0; j < app_count; ++j)
+ /*for (int j = 0; j < app_count; ++j)
{
// To all other apps
for (int k = 0; k < app_count; ++k)
"Not all permisions revoked. Subject: " << app_ids[j]
<< " Object: " << app_ids[k] << " Loop index: " << i);
}
- }
+ }*/
DB_BEGIN
projects / platform / core / test / security-tests.git / blobdiff