Smack TODO
This list contains issues (bugs/features) related to Smack integration in Buxton.
- Add more coverage tests to test/check_smack.c. Details: The big gaps are the inotify test for test/test.load2 and more tests that exercise the rules with "_" subject, and possibly a "User" subject so that the test suite can be run as an unprivileged user in Tizen 3.0.
  - Target: v2
- Need to think of a race-free way to properly check capabilities of clients, instead of checking UID==0.
  - Target: v2
- Allow set_label in user layers. Details: Until we can check capabilities of clients (CAP_MAC_ADMIN, etc.), this feature is blocked. Also, we should consider using the policy manager (polkit?) to make the final decision in case Smack checks fail, since it understands UNIX groups and DAC in general, which may be useful for user layers.
  - Target: v2
- Add API for unset_label. Details: Useful for packages that want to leave behind "owned" keys upon uninstall, so they "disown" the keys by unsetting the label on these keys, and Buxton will assign a new floor ("_") label for each respective key. This behavior aligns with Smack's treatment of files without labels as having an implicit floor label.
  - Target: v2; we need more use cases.
- Add a transmute option for groups. Details: It may be useful for clients to set values for keys and have the key labels inherited from the group label. This would be implemented as an optional flag for a group set during group creation. This idea is equivalent to Smack's "transmuting" directory feature. Full support requires that Buxton understand the "t" flag in Smack rules. We need a list of use cases, too.
  - Target: v2
- Smack support for list keys. Details: Check read access for groups within the given layer, and return a new array containing only the keys within readable groups.
  - Target: v2; the "list keys" action is being disabled for v1
- Add a root requirement for setting extended attributes to allow more Smack testing in make check. Details: Not needed in v1, maybe not at all, as long as we cover all Smack rule combinations we care about. Also, this is problematic to support on non-Smack-enabled systems. This feature will also be useful for testing other types of clients, e.g. those that connect to bt-daemon via IP sockets, etc.
  - Target: v2
- Add get_label API. Details: Group labels should be world-readable, so no Smack checks needed there. For labels on keys, we check for read access on the key's group label.
  - Target: v2+; we need use cases
- Clean up logic in direct_get_value to avoid multiple Smack checks for the target layer. Details: Simplify code in buxton_direct_get_value() so that we don't need a final buxton_direct_get_value_for_layer() call on the return; we can instead cache the BuxtonData (variable "d") in a separate variable when required, and return it if it's non-NULL, else false.
  - Target: ?? ... Not sure if we want this now ...
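
A sketch of the filtering described in the "Smack support for list keys" item, added here as an example and not taken from the Buxton source. The struct layouts, function names, and sample rules and keys are hypothetical; the read check follows Smack's documented access-rule order.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical types for illustration; not Buxton's own structures. */
struct rule { const char *subject, *object, *access; }; /* access, e.g. "rw" */
struct key  { const char *group, *name, *group_label; };

/* Read check in the order of Smack's documented access rules. */
int smack_can_read(const char *subj, const char *obj,
                   const struct rule *rules, size_t nrules)
{
    if (strcmp(subj, "*") == 0) return 0;  /* star subject: always denied */
    if (strcmp(subj, "^") == 0) return 1;  /* hat subject: may read anything */
    if (strcmp(obj, "_") == 0) return 1;   /* floor object: readable by all */
    if (strcmp(obj, "*") == 0) return 1;   /* star object: any access */
    if (strcmp(subj, obj) == 0) return 1;  /* same label: any access */
    for (size_t i = 0; i < nrules; i++)    /* explicitly loaded rules */
        if (strcmp(rules[i].subject, subj) == 0 &&
            strcmp(rules[i].object, obj) == 0)
            return strchr(rules[i].access, 'r') != NULL;
    return 0;                              /* anything else: denied */
}

/* Keep only keys whose group label the client may read; out[] holds nkeys. */
size_t filter_readable_keys(const char *client, const struct key *keys,
                            size_t nkeys, const struct rule *rules,
                            size_t nrules, const struct key **out)
{
    size_t kept = 0;
    for (size_t i = 0; i < nkeys; i++)
        if (smack_can_read(client, keys[i].group_label, rules, nrules))
            out[kept++] = &keys[i];
    return kept;
}

/* Constructed sample rules and keys. */
const struct rule sample_rules[] = { { "App", "System", "r" }, { "App", "Private", "w" } };
const struct key sample_keys[] = {
    { "net", "hostname", "System" }, { "vault", "token", "Private" },
    { "ui", "theme", "_" },          { "app", "state", "App" },
};
int main(void)
{
    const struct key *out[4];
    size_t n = filter_readable_keys("App", sample_keys, 4, sample_rules, 2, out);
    for (size_t i = 0; i < n; i++)
        printf("%s/%s\n", out[i]->group, out[i]->name);
    return 0;
}
```

A client labeled "App" sees every key except vault/token, because its only rule for "Private" grants write but not read.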