diff options
author | José Bollo <jose.bollo@iot.bzh> | 2020-07-10 13:18:47 +0200 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2020-07-11 18:44:19 +0200 |
commit | 70d6c64f0639b0c8ed2d8624227d1ecdf2853300 (patch) | |
tree | 6f6af8931306ea37a77f31a082787f6605b938a5 /doc/afm-system-daemon.html | |
parent | ac6f7ed88291b81cb70981bd7463b6a3b292fece (diff) |
Fix labelling of files of widgets
Before that change any application could browse
content of other application.
This change fixes that unintended behaviour by setting
the installed files as private to the application.
This affects the Smack labels of the files that after
the change become the label of the application.
Conversely, it will now be necessarily to explicit
shared files. It happens in situation of resource
widgets, the one that provide a binding using the
feature urn:AGL:widget:provided-binding in config.xml.
The typical example is the widget for testing: afbtest.
The exported binding must be accessible by its clients.
But because it also use files that it provides, these
files must also be accessible by clients.
For that reason, the feature urn:AGL:widget:public-files
is introduced to config files, allowing a widget to make
part of its installed files public.
The installation logic is changed to handle correctly the
security manager that applies rights of directories to
files it contains. So the declaring directories and files
using the order of increasing path length ensures that
the expected rights are applied.
Bug-AGL: SPEC-3489
Change-Id: I933446a8c155a03d9b66767f1dda63aeaeb21eb1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'doc/afm-system-daemon.html')
0 files changed, 0 insertions, 0 deletions