diff options
author | José Bollo <jose.bollo@iot.bzh> | 2017-03-17 11:17:36 +0100 |
---|---|---|
committer | José Bollo <jose.bollo@iot.bzh> | 2017-03-17 12:59:16 +0100 |
commit | 863bf1c6b4e10176edf8b26a9703109ab8db2c43 (patch) | |
tree | 3c725135eaf7b284a18ef6e83285692e7fb0d476 /src/secmgr-wrap.c | |
parent | 59c4af98b761d0f11514e9080a46a32bb440ebc0 (diff) |
Fix issue in labelling filesx-last-without-systemd
The current version of security manager put this tags
- SECURITY_MANAGER_PATH_PRIVATE
- SECURITY_MANAGER_PATH_RW
User::App::XXXX
- SECURITY_MANAGER_PATH_PUBLIC
- SECURITY_MANAGER_PATH_RO
User::Home
- SECURITY_MANAGER_PATH_PUBLIC_RO
_ (underscore or floor)
Putting floor is bad because it produces
files and directories that can't be removed.
Using SECURITY_MANAGER_PATH_RO instead of
SECURITY_MANAGER_PATH_PUBLIC_RO sets the
label "User::Home". It is valid because this
label is already read only for applications.
But it is writable by the "System" labelled
services at the opposite of "_".
Change-Id: I685fe366fddb95858c66b827e28acf6d005bcfc0
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'src/secmgr-wrap.c')
-rw-r--r-- | src/secmgr-wrap.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/secmgr-wrap.c b/src/secmgr-wrap.c index 1b60ac4..ad550ba 100644 --- a/src/secmgr-wrap.c +++ b/src/secmgr-wrap.c @@ -117,7 +117,7 @@ static int addpath(const char *pathname, enum app_install_path_type type) int secmgr_path_public_read_only(const char *pathname) { - return addpath(pathname, SECURITY_MANAGER_PATH_PUBLIC_RO); + return addpath(pathname, SECURITY_MANAGER_PATH_RO); } int secmgr_path_read_only(const char *pathname) |