Smack domains User::Home and User::App::Shared
r.krypa at samsung.com
Wed Apr 8 08:23:30 GMT 2015
On 2015-03-23 10:06, Patrick Ohly wrote:
> Where can I find more information about the new(ish) domains
> "User::Home" and "User::App::Shared"? What's the intended usage?
The new labels were introduced to provide applications different level of access to files in user home directory.
The following labels in User domain are currently defined:
* "User" - files with that label cannot be accessed by applications
* "User::Home" - applications can access read only
* "User::App::Shared" - applications can freely read and write, with transmute
* "User::App::$app_id" - private files of an application
* "User::App::$pkg_id" - directories for application package, for exchanging data between apps with the same package id
> Commit messages introducing them only refer to September 2014 F2F
> meeting in Vannes, without explaining the purpose for those who were not
> at that meeting.
I thought that the Smack labels were mentioned somewehere on Tizen wiki, but it seems that they aren't.
I will update the Smack page accordingly to fix that.
> The latter shows how User::Home gets set, for example, for the
> top-level /etc/skel. What about files inside the home?
All files inside home directories of all users should be labeled with a proper label. Labeling of /etc/skel is supposed to provide that, as shown on the second link you provided.
> Are tools creating home directories expected to copy Smack labels? I'm
> not sure whether gumd currently does that.
Yes, gumd should copy files from /etc/skel preserving their Smack labels.It seems that it already does:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Dev