author: José Bollo <jose.bollo@iot.bzh> 2020-07-10 13:18:47 +0200
committer: José Bollo <jose.bollo@iot.bzh> 2020-07-11 18:44:19 +0200
commit: 70d6c64f0639b0c8ed2d8624227d1ecdf2853300
tree: 6f6af8931306ea37a77f31a082787f6605b938a5 /src/secmgr-wrap.h
parent: ac6f7ed88291b81cb70981bd7463b6a3b292fece
Fix labelling of files of widgets
Before that change any application could browse the content of other applications. This change fixes that unintended behaviour by setting the installed files as private to the application. This affects the Smack labels of the files that after the change become the label of the application.

Conversely, it will now be necessary to explicitly share files. It happens in the situation of resource widgets, the ones that provide a binding using the feature urn:AGL:widget:provided-binding in config.xml. The typical example is the widget for testing: afbtest. The exported binding must be accessible by its clients. But because it also uses files that it provides, these files must also be accessible by clients. For that reason, the feature urn:AGL:widget:public-files is introduced to config files, allowing a widget to make part of its installed files public.

The installation logic is changed to correctly handle the security manager that applies rights of directories to the files they contain. So declaring directories and files in the order of increasing path length ensures that the expected rights are applied.

Bug-AGL: SPEC-3489
Change-Id: I933446a8c155a03d9b66767f1dda63aeaeb21eb1
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
Diffstat (limited to 'src/secmgr-wrap.h')
-rw-r--r-- src/secmgr-wrap.h | 1
1 files changed, 1 insertions, 0 deletions
diff --git a/src/secmgr-wrap.h b/src/secmgr-wrap.h
index 2d16a8d..608ed8d 100644
--- a/src/secmgr-wrap.h
+++ b/src/secmgr-wrap.h
@@ -24,5 +24,6 @@ extern int secmgr_permit(const char *permission);
extern int secmgr_path_public_read_only(const char *pathname);
extern int secmgr_path_read_only(const char *pathname);
extern int secmgr_path_read_write(const char *pathname);
+extern int secmgr_path_private(const char *pathname);
extern int secmgr_prepare_exec(const char *appid);
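Review bot: the added prototype `secmgr_path_private` carries no comment saying what it does to the path or how it differs from the neighbouring `secmgr_path_read_only` and `secmgr_path_read_write`. The commit message states that the security manager applies a directory's rights to the files it contains and that paths must therefore be declared in order of increasing path length. A short comment on this declaration noting that it makes the path private to the application, and that call order relative to the other `secmgr_path_*` functions matters, would help callers avoid leaving a file with its parent directory's rights. The meaning of the `int` return value is also not documented in the visible lines and is worth stating once for the whole group.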