path: root/packaging/security-manager.changes

Release: 1.4.14
Date:    2019.02.13
Name:    Release 1.4.14
Description:
Force logging server-side write() and close() operations
Add logging response buffer size in debug mode

###############################

Release: 1.4.13
Date:    2019.01.11
Name:    Release 1.4.13
Description:
Apply db fallback is present and the db is an empty file
Loader: add pragma legacy_alter_table for compatibility with sqlite 3.25.2+
Add missing spaces in log messages

###############################

Release: 1.4.12
Date:    2018.12.19
Name:    Release 1.4.12
Description:
Add core privileges
Set nullptr to reused data pointer
Fix issues raised by static analysis
Change local permissible file location to use UID rather than username

###############################

Release: 1.4.11
Date:    2018.11.22
Name:    Release 1.4.11
Description:
Protect security_manager_app_has_privilege with privilege check
Check some poll() and mount() errors
Fix documentation headers with required privilege descriptions
Fix function name spelling error
Change config.cpp variables to #define

###############################

Release: 1.4.10
Date:    2018.11.02
Name:    Release 1.4.10
Description:
Replace runtime production/test db choice with compile-time policy
Replace smack rule storage with straight-from-db rule loader
Optimize package installation
Prevent smack rules leaking during multi-app hybrid pkg uninstall
Enable additional sqlite pragmas for robustness

###############################

Release: 1.4.9
Date:    2018.09.27
Name:    Release 1.4.9
Description:
Add privilege for checking app permission

###############################

Release: 1.4.8
Date:    2018.09.20
Name:    Release 1.4.8
Description:
Fix security-manager/libsecurity-manager-client cyclic dependency

###############################

Release: 1.4.7
Date:    2018.09.18
Name:    Release 1.4.7
Description:
Fix build break with 1.65.1 boost version

###############################

Release: 1.4.6
Date:    2018.09.17
Name:    Release 1.4.6
Description:
Add core privilege: updatecontrol.admin and permission.check

###############################

Release: 1.4.5
Date:    2018.09.13
Name:    Release 1.4.5
Description:
Move standard users group management from GUM to security-manager
Lazily initialize variables that need tz-platform-config
Attempt database fallback recovery on some schema errors
Change naming of recovery-management file & functions
Optimize application uninstallation
Simplify array size calculation
Prefer std::vector::emplace_back to push_back in db code

###############################

Release: 1.4.4
Date:    2018.08.24
Name:    Release 1.4.4
Description:
Initialize database and restart service in policy-reload
Give internet privilege to kernel thread(@)
Add error logs when translating group names to gids
Drop unused destroyAt()
Fix: Remove all SharedRO rules after pkg uninstallation.
Fix: launch security-manager-cleanup after /opt/usr is mounted.
Remove fileExists() duplicates
Add Apache 2.0 license header
Change way of displaying performance test results
Rework security-manager-migration script as a policy update script
Remove unused source code

###############################

Release: 1.4.3
Date:    2018.08.07
Name:    Release 1.4.3
Description:
Add removal of DB broken flag before atempt to setup DB
Add database snapshotting and recovery
Pull db migration into manager binary at startup
Sanitize privilege_db query storage
Fix memleak in PrivilegeDb()
Add /opt/usr/media to privilege-mount.list again
Retrieve package manager privilege from User::Shell client
Make spec compliant with gbs --incremental
Add TZ_SYS_MEDIASHARED to privilege-mount.list
Change log message in realPath
Make server keep its original log tag
Fix hybrid pkg uninstallation

###############################

Release: 1.4.2
Date:    2018.06.20
Name:    Release 1.4.2
Description:
Adjust build to boost 1.65.1
Add detection of bad sizes/lengths of deserialized containers
Add protection against leaking memory during deserialization

###############################

Release: 1.4.1
Date:    2018.05.17
Name:    Release 1.4.1
Description:
Refactoring/removing unnecessary branches
Add %build in spec file
Fix mount namespace setup in case of multiple apps in one pkg

###############################

Release: 1.3.4
Date:    2018.04.25
Name:    Release 1.3.4
Description:
Allow is_hybrid flag change during app upgrade

###############################

Release: 1.3.3
Date:    2018.04.09
Name:    Release 1.3.3
Description:
Add core privilege voicecontrol.manager, softap and softap.admin

###############################

Release: 1.3.2
Date:    2018.04.04
Name:    Release 1.3.2
Description:
Fix build error regarding to Cmake upgrade

###############################

Release: 1.3.1
Date:    2018.02.28
Name:    Release 1.3.1
Description:
Allow application to fetch its own manifest
Add full get_app_manifest_policy API implementation
Add serviceImpl of getAppManifestPolicy function
API prototypes for checking app manifest policy
Database Performance Test
license-manager-agent: fix memory leak

###############################

Release: 1.3.0
Date:    2018.01.17
Name:    Release 1.3.0
Description:
Fix MountNS::isPathBound()
Fix NSMountLogic in case when user has no running applications
Identify apps by Smack label instead of appName in NSMountLogic
During application start, privileged directory enforced by bind mount may be missing
client: do not add application process to hardcoded groups
Add core privilege: devicecertificate
Monitor mount/umount events on the system and update app mount namespaces
Refactoring: make NSMountLogic class responsible for Channel and MntMonitor
Add security_manager_cleanup_app() API
Change license-manager package name
Add explicit dependency on libnss-security-manager
Fix API for freeing policy entries
Refactor security_manager_create_namespace_internal()
Refactor security_manager_prepare_app()
Optimize tracking of application mount namespace

###############################

Release: 1.2.30
Date:    2017.12.07
Name:    Release 1.2.30
Description:
Fix bugs found in the code by static analysis
Fix the bug for clearing SharedRO Smack rules
Fix the potential memory leak.
security-manager-cmd: add new option "manage-privilege" for policy manipulation
Add hybrid flag setting to security-manager-cmd
Add ConfigFile class for run-time reading and parsing of config files
Allow privilege enforcement with bind mounts to be configured
Don't enable mount namespace code when the config file is missing or empty

###############################

Release: 1.2.29
Date:    2017.11.17
Name:    Release 1.2.29
Description:
Adding privilege group priv_tee_client.
Include empty rules.merged file in the package

###############################

Release: 1.2.29
Date:    2017.11.03
Name:    Release 1.2.29
Description:
Add support for external storage directories
When preparation of database connection fails, indicate this with a file fleg
Fix security-manager package installation/update
Remove duplicated -fPIC flag
Fix database script
Add test to check TizenVersion update in database.

###############################

Release: 1.2.27
Date:    2017.10.18
Name:    Release 1.2.27
Description:
Prepare app_inst_req for handling multiple app_ids at once
Add new API for installing pkg_id with multiple app_ids at once
Add new functions to filesystem operations wrapper
Add mount namespace operations wrapper
Add IPC channel implementation
Prepare app to launch in mount namespace
Modify app launched in mount namespace
Gotta catch 'em all (TizenPlatformConfig::Exception)
Fix: Check if file exist before umount is made

###############################

Release: 1.2.26
Date:    2017.09.28
Name:    Release 1.2.26
Description:
Add core privilege: peripheralio
Remove core privilege: d2d.datasharing
Remove redundant file info from SM dlog logs

###############################

Release: 1.2.25
Date:    2017.09.18
Name:    Release 1.2.25
Description:
Redo C-style var args methods
User dynamic cast for base-to-derived conversion

###############################

Release: 1.2.24
Date:    2017.08.09
Name:    Release 1.2.24
Description:
Fix license-manager rpm install/update/erase
Enforce PIE through main CMakeLists

###############################

Release: 1.2.23
Date:    2017.08.07
Name:    Release 1.2.23
Description:
Add core privilege: gesturegrab, gestureactivation
Fix bugs reported by C++Test and SVACE
Change coding style in socket-manager.cpp
Fix database upgrading from v10 to v11
Fix buffer overflow in exception.h
Replace getgrent with getgrnam_r in security_manager_groups_get
Fix race condition in reading credentials

###############################

Release: 1.2.22
Date:    2017.07.20
Name:    Release 1.2.22
Description:
Fix segfault in nss plugin

###############################

Release: 1.2.21
Date:    2017.07.11
Name:    Release 1.2.21
Description:
Allow application to fetch its own policy
Optimize group processing performance
Add core privilege: blocknumber.read, blocknumber.write

###############################

Release: 1.2.20
Date:    2017.06.30
Name:    Release 1.2.20
Description:
Remove dependency to Nether
Add missing else keyword
Fix memory allocation loop
Apply -fPIE and -pie flag to license-manager
Verify if certificate CN entry is equal to pkgId.
Refactor error handling on app_defined_privilege/client_license table
Change license-manager-agent uid/gid to security_fw
Accept null as appId during license extraction
New schema of database
Apply coding rules
Implement certificate verification inside agent
Improve implementation of appdefined privilege API
Remove outdated 'CREATE INDEX + performance tests required' TODO
security-manager-cmd: add new option "manager-apps" for app install/uninstall
Support security_manager_app_uninstall calling in off-line mode

###############################

Release: 1.2.20
Date:    2017.05.19
Name:    Release 1.2.20
Description:
Merge remote-tracking branch 'origin/appdefined' into tizen
Add core privilege: tee.client
Add core privilege: zigbee, zigbee.admin

Release: 1.2.18
Date:    2017.04.27
Name:    Release 1.2.18
Description:
Adjust UT case T520_add_application_two_tizen_versions_to_same_package
Adjust tests to boost 1.62
Fix issues detected by SVACE
Revert of changes related to privacy popups
Do not show toast fail launch popup for white list app.
Handle HW key input case from askuser popup.
Adapt requirement names for askuser-notification to new naming
Migrate existing application policy to use new ask-user policies
Implement security_manager_prepare_app_privacy
Add new API for handling privacy privileges during application launch
Replace usage of Ask User plugin with Privacy Deny Plugin
Change labelPaths logic for FOTA

###############################

* Thu Mar 30 2017 Jin-gyu Kim <jin-gyu.kim@samsung.com>
- Version 1.2.18
- Use %license macro to copy license file.
- Add "VALGRIND" build type
- Remove the redundant SharedRO SMACK rules.
- Unify method names in CynaraAdmin to pascal case
- Clean up cynara classes members names
- Free requests after processing them in cmd line tool
- Add missing ')' in cmd line tool usage description
- Allow version compatibility change during application upgrade
- Remove dependency between SM and DBUS
- Make it possible to use out-of-the-source build dir
- [Unit tests] for PrivilegeDb class - related to private path sharing
- Remove setting of CMAKE_C_FLAGS in the main CMakeLists.txt
- Fix inconsistent types error
- Log appId in case of errors in security_manager_prepare_app
- Remove setting of -DTIZEN_DEBUG_ENABLE compilation flag
- Remove unnecessary transaction rollback
- Remove empty lines from rules.merged file.
- Don't ignore errors in supplementary group setup during app launch preparation
- Fix thread synchronization in Cynara class

* Mon Jan 23 2017 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.16
- Fix in generateAppPkgNameFromLabel implementation
- [Unit tests] Add test for src/common/include/smack-labels.h
- [Unit tests] Add test for src/common/include/smack-rules.h
- Remove default dependency in cleanup service

* Wed Jan 18 2017 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.15
- Split service cleanup in two parts to prevent std::terminate
- Use real path of skel dir

* Fri Jan 13 2017 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.2.14
- Add missing exception handler for TizenPlatformConfig
- Add support for blacklist privileges using policy manager
- Wake up Cynara async thread from statusCallback
- Make sure transaction is rolled back in case of error

* Thu Jan 5 2017 Jin-gyu Kim <jin-gyu.kim@samsung.com>
- Version 1.2.13
- Fix memory leak in CynaraAdminPolicy move operator
- Fix memory leak in CheckProperDrop::getThreads()
- Don't put empty lines in generated Smack policy
- Set Cynara client cache size manually
- Fix compilation scripts.
- Replace read/write with send/recv
- Fix memory leak from cynara_async_configuration_create
- Fix comments in privilege_db.h regarding exceptions thrown by functions
- Fix in logs in IsPackageHybrid function
- Disable logs from SqlConnection
- Change auto_ptr to unique_ptr.
- Replace readdir_r to readdir.
- Don't accept wrong package id on app uninstall
- Remove ServicerImpl from derived Service class
- Fix in GetAllPrivateSharing implementation
- Enforce ownership of a shared path by one app.
- Change skel directory to /opt/etc/skel

* Wed Dec 14 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.12
- Allow privileged caller to configure privacy manager for other users

* Thu Dec 13 2016 Jin-gyu Kim <jin-gyu.kim@samsung.com>
- Version 1.2.11
- Map email privilege to priv_email

* Fri Dec 9 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.10
- Add transmute rule between non-hybrid app and RW path

* Wed Dec 7 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.9
- Properly handle case of unknown "Ask user" policy

* Mon Dec 5 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.8
- Add new parameter of isPrivacy function - pkgName

* Thu Dec 1 2016 Bartlomiej Grzelewski <b.grzelewski@samsung.com>
- Version 1.2.7
- Fix in GetGroups implementation
- Add security_manager_shm_open

* Fri Nov 11 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.6
- Fix sigaction() on x86_64 arch
- Add 'l' permission to sharedRO Smack rule

* Tue Nov 8 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.5
- Fix build break on 64 bits architectures

* Tue Nov 1 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.4
- Enable security-manager support for starting without systemd

* Mon Oct 24 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.2.3
- Update policy set for 'security' user type
- Cleanup Fix ListUsers parameter description
- SM : Unify Smack rules of System access to application
- Use smack_check() helper function instead of manually calling libsmack
- Provide proper placeholder file for global apps-labels
- Don't hard-code /usr/share directory in FOTA script
- Add FOTA script for security-manager policy update
- Use SIGSETXID for security synchronization across threads
- [Unit tests] for FileLocker class
- Fix retrieving of current process credentials for off-line client
- Extend ClientOffline
- client: extract common code for communication with service
- Improve handling of uncaught exceptions in client library
- server: add missing linking against pthread
- Treat web only privilege as core privilege

* Mon Oct 10 2016 Seongwook Chung <seong.chung@samsung.com>
- Version 1.2.2
- Add packagemanager.info privilege for 'User::Shell' domain
- Limit number of sql queries during installation
- Explicitly instantiate LogSystemSingleton
- PrivilegeDb: Add getting packages installed for user
- ServiceImpl: Optimize generating package process labels
- Remove Cynara singleton
- PermissibleSet: Remove PrivilegeDb usage
- Remove PrivilegeDb singleton
- Remove CynaraAdmin singleton

* Wed Sep 28 2016 Rafal Krypa <r.krypa@samsung.com>
- Version 1.2.1
- Change the way of app process label generation
- Update default policy for new domain('User::Shell')

* Tue Sep 20 2016 Rafal Krypa <r.krypa@samsung.com>
- Version 1.2.0
- Add internal privilege for internal APIs
- Add support for USER_TYPE_SECURITY
- Add policy versioning
- Add API for identifying application from Cynara client

* Mon Sep 05 2016 Yunjin Lee <yunjin-.lee@samsung.com>
- Version 1.1.17
- Add/remove core privilege(fido.client/ dpm.settings)
- Remove core privilege : vpnservice.admin
- Fix log prefix (tag) for Pedantic log level
- Check tgkill() result
- Move release fence after the last global variable is modified
- Replace obsolete tkill with tgkill
- Add variadic template for deserialization

* Mon Aug 29 2016 Jin-gyu Kim <jin-gyu.kim@samsung.com>
- Version 1.1.16
- Implement libnss_securitymanager
- Add security_manager_groups_for_uid()
- Rewrite shared RO directory support in security-manager

* Mon Aug 22 2016 Yunjin Lee <yunjin-.lee@samsung.com>
- Version 1.1.15
- Add core privilege: appdir.shareddata

* Fri Aug 12 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.14
- Moving user and global apps-names files to /opt/var
- Simplify declaration and generation of unique_ptrs
- Fix contraints for app installation.

* Fri Jul 22 2016 Yunjin Lee <yunjin-.lee@samsung.com>
- Version 1.1.13
- Fix typo in service file SmackProcessLabel set

* Thu Jul 21 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.1.12
- Handle missing Cynara error codes, throw specific exceptions
- Add missing logs in service on several service calls
- Mark old path registration function as deprecated
- Set SmackProcessLabel to System::Privileged

* Thu Jul 14 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.1.11
- Add systemd option - Restart
- Update policy template for onlycap feature

* Fri Jul 01 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.10
- Don't store application privileges in db
- Fix return type in setup_smack function
- Do not exit when security_manager_prepare_app fails

* Tue Jun 28 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.9
- Define PATH environment variable in scripts.
- Fix wrong tizen2X apps fetching on app uninstall

* Thu Jun 23 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.8
- Fix global apps deinstallation
- Remove DPL String class and dependencies on it
- Add internal privilege for web only privilege
- ServiceImpl: remove sharing rules on application uninstall
- PrivilegeDB: Add private sharing squashing
- PrivilegeDB: Add getters for fetching owner/target private sharing
- Return error when private sharing doesn't exist

* Thu June 16 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.7
- Add internal privilege for app debugging
- Add core privileges
- Add check if privileges were properly dropped
- Threads security context synchronization
- Added parameter mode and made more generic getDirContents function
- Prepare setup_smack client function for running without CAP_MAC_ADMIN
- Fix installation user mangling
- Disable ASKUSER policy by default
- Fix policy access control for accessing another user's policy
- Add proper policy setup for privacy-related privileges
- Fix doxygen comments

* Wed May 25 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.6
- Fix issues with local user app instalaltion and inotify file watches.
- Fix and generalize generation of default "apps-names" configuration files
- Allow application directories to be placed in /etc/skel/apps_rw
- Introduce an interface class for tzplatform-config
- Implement API for managing list of permitted labels for launcher
- Simplify and fix code generating SharedRO Smack rules
- Cleanup around Tizen2X apps/packages generation functions
- Add tizen version handling to the cmd line tool
- Add dlog log provider. Make log backend configurable.
- Revert "Completely remove dlog remainings"

* Wed May 18 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.1.5
- Fixing small spelling error in db.sql, reproduction only with building new image with MIC
- Require usermanagement permission for local app installation for other users
- Fix the update of package cross-rules during uninstallation
- Path registration requests - server side implementation
- Path registration requests - client side implementation
- Move author_id to pkg - server code adjustment
- Move author_id to pkg - db migration
- Add path registration API stub
- Add privilege-group mapping for tethering.admin privilege

* Mon May 9 2016 Jooseong Lee <jooseong.lee@samsung.com>
- Version 1.1.4
- Use wildcard user in cynara policy installing a preloaded app

* Mon May 2 2016 Tomasz Swierczek <t.swierczek@samsung.com>
- Version 1.1.3
- Change logic of security_manager_set_process_groups_from_appid
- Don't check permissions on API calls in off-line mode
- Fix implementation of filesystem.cpp
- Move smack files to new directory
- refactoring: use common function template for getting label by libsmack
- Add installation types (global, local, preloaded).
- Integrate with Cynara, clients must be privileged
- db: update schema to version 2
- Add constraint error in database logic.
- More error messages
- Use app instead of app_pkg_view in sqlite queries
- security-manager-policy-reload: don't print errors on image build
- Add privilege-group mapping for iotcon
- Remove unused table version
- Adjust Cynara privileges required by privacy manager APIs
- Revert "Add installation types (global, local, preloaded)."
- DB: Change app ids to app names in private sharing
- Revoke subject label of uninstalled application

* Wed Mar 23 2016 Yunjin Lee <yunjin-.lee@samsung.com>
- Version 1.1.2

* Mon Mar 21 2016 Keeho Yang <keeho.yang@samsung.com>
- Updated version for release

* Thu Sep 03 2015 Rafal Krypa <r.krypa@samsung.com>
- Version 1.1.0
- Master-slave mode to support Vasum (Tizen containers)
- New API for support of privilege mapping between platform versions
- New API for getting list of groups mapped to privileges
- Updated policy for labeling application files\
- Always print warning log messages

* Wed Mar 25 2015 Jacek Bukarewicz <j.bukarewicz@samsung.com>
- Version 1.0.2
- Work around application installation problems on slow targets

* Fri Mar 20 2015 Rafal Krypa <r.krypa@samsung.com>
- Version 1.0.1
- Bug-fix release, no new features.

* Fri Mar 06 2015 Rafal Krypa <r.krypa@samsung.com>
- Version 1.0.0
- User management
  - Support for managing policy per user
  - Interface for registering user creation and removal
  - Hook-based Integration with gumd for user creation/removal events
  - Initial user policy based on user type (guest, normal, admin)
  - Initial configuration of user type policy granting all privileges to every
    user type
- API for managing per-user policy
  - Support for user-admin-like interface for tuning per-user policy by
    administrator
  - Support for privacy-manager-like interface for users limiting their own
    applications
- Off-line mode supporting limited functionality when service is not running
  - Application installation
  - User creation
- Command line tool wrapping some of security-manager's APIs
  - Registration of application installation and deinstallation with privileges
    and application paths
  - Registration of user creation/removal (for gumd integration mentioned above)
- Enhanced configuration of Cynara policy
  - Structured policy based on several buckets
  - Initial policy created on security-manager installation
  - Programs with "User" and "System" labels get access to all privileges (with
    regard to per-user policy)
- Easier setup of privilege-group mapping
  - A config file with the mapping and command line tool for importing it to
    security-manager
- Smack labeling for applications in final form
  - No longer hard-code labels of all applications to "User"
  - Each application gets unique Smack label based on appId

* Tue Sep 18 2014 Rafal Krypa <r.krypa@samsung.com>
- Version 0.2.0
- No longer use libprivilege-control
- Set Cynara policies during installation
- Support group-mapped privileges
- Use designated user for global app installation instead of root

* Fri Jul 25 2014 Stephane Desneux <stephane.desneux@open.eurogiciel.org>
- Keep information about installed applications in private data base
- Complete support for uninstallation
- Support per user installation of applications
- Properly handle multiple applications with the same pkgId
- Add API for launchers setting Smack label during application start
- Systemd integration
- Log to systemd journal instead of dlog

* Wed Jun 18 2014 Rafal Krypa <r.krypa@samsung.com>
- Version 0.1.0
- Initial release of standalone security-manager, splitting from security-server