Adjust smack labelsubmit/tizen_3.0/20161227.111028

In response to security issue, restrict smack label of crash-manager.
In addition, adjust crash directories label to accord with
work of crash-worker.

Change-Id: I97390d50337fd36a746e260f3f6ebc29c6990526
Signed-off-by: Sunmin Lee <sunm.lee@samsung.com>

4 files changed, 7 insertions, 14 deletions

diff --git a/packaging/crash-worker.manifest b/packaging/crash-worker.manifest
index 8e0f4fd..c6cdebc 100644
--- a/packaging/crash-worker.manifest
+++ b/packaging/crash-worker.manifest
@@ -4,6 +4,7 @@
 	</request>
 	<assign>
 		<filesystem path="/usr/bin/dump_systemstate" label="System" exec_label="System"/>
-		<filesystem path="/usr/bin/crash-manager" label="System" exec_label="System::Privileged"/>
+		<filesystem path="/usr/bin/crash-manager" label="System" exec_label="System"/>
+		<filesystem path="/usr/bin/log_dump" label="System" exec_label="System"/>
 	</assign>
 </manifest>
diff --git a/packaging/crash-worker.spec b/packaging/crash-worker.spec
index d2a83e3..b436ad6 100644
--- a/packaging/crash-worker.spec
+++ b/packaging/crash-worker.spec
@@ -16,7 +16,6 @@ License:    Apache-2.0 and PD
 Source0:    %{name}-%{version}.tar.gz
 Source1001:    crash-worker.manifest
 BuildRequires:  pkgconfig(dlog)
-BuildRequires:  pkgconfig(libsmack)
 BuildRequires:  pkgconfig(libtzplatform-config)
 BuildRequires:  pkgconfig(iniparser)
 BuildRequires:  pkgconfig(capi-system-info)
@@ -142,10 +141,11 @@ fi
 /sbin/ldconfig
 %endif
 
-/usr/bin/chsmack -a "System::Shared" -t %{crash_path}
-/usr/bin/chsmack -a "System::Shared" -t %{crash_temp}
-/usr/bin/chsmack -a "System::Shared" -t %{crash_dump_gen}
-/usr/bin/chsmack -a "System::Shared" -t %{crash_dump_gen}/module.d
+/usr/bin/chsmack -a "System" -t %{crash_path}
+/usr/bin/chsmack -a "System" -t %{crash_temp}
+/usr/bin/chsmack -a "System" -t %{crash_dump_gen}
+/usr/bin/chsmack -a "System" -t %{crash_dump_gen}/module.d
+/usr/bin/chsmack -a "System::Shared" -t %{crash_all_log}
 /usr/bin/chsmack -a "_"  %{crash_dump_gen}/module.d/*
 
 %postun
diff --git a/src/crash-manager/CMakeLists.txt b/src/crash-manager/CMakeLists.txt
index 24ead7e..357fcaa 100644
--- a/src/crash-manager/CMakeLists.txt
+++ b/src/crash-manager/CMakeLists.txt
@@ -14,7 +14,6 @@ SET(CRASH_MANAGER_SRCS
 INCLUDE(FindPkgConfig)
 pkg_check_modules(crash-manager_pkgs REQUIRED
 	dlog
-	libsmack
 	libtzplatform-config
 	iniparser
 	gio-2.0
diff --git a/src/crash-manager/crash-manager.c b/src/crash-manager/crash-manager.c
index 9a02e4d..c003c07 100644
--- a/src/crash-manager/crash-manager.c
+++ b/src/crash-manager/crash-manager.c
@@ -28,7 +28,6 @@
 #include <sys/stat.h>
 #include <sys/types.h>
 #include <sys/prctl.h>
-#include <sys/smack.h>
 #include <sys/file.h>
 #include <sys/vfs.h>
 #include <gio/gio.h>
@@ -188,9 +187,6 @@ static int make_dump_dir(void)
 			_E("Failed to mkdir for %s", CRASH_PATH);
 			return -1;
 		}
-		smack_setlabel(CRASH_PATH, "System::Shared",
-				SMACK_LABEL_ACCESS);
-		smack_setlabel(CRASH_PATH, "1", SMACK_LABEL_TRANSMUTE);
 	}
 
 	if (!stat(CRASH_TEMP, &st)) {
@@ -203,9 +199,6 @@ static int make_dump_dir(void)
 			_E("Failed to mkdir for %s", CRASH_TEMP);
 			return -1;
 		}
-		smack_setlabel(CRASH_TEMP, "System::Shared",
-				SMACK_LABEL_ACCESS);
-		smack_setlabel(CRASH_TEMP, "1", SMACK_LABEL_TRANSMUTE);
 	}
 
 	return 0;