openharmony/startup_init
1
0
Fork 0
mirror of https://gitee.com/openharmony/startup_init synced 2025-02-12 07:11:14 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

ui大于等于10000的进程跳过DAC校验

Browse Source 
Signed-off-by: zhongning5 <zhongning5@huawei.com>
This commit is contained in:
zhongning5 2023-08-21 11:28:31 +08:00
parent 180f377f8a
commit b99052c858
2 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
services/param/base/param_base.c
View File

@ -27,6 +27,7 @@
#include "param_trie.h"
#define TIMEOUT 1000
#define PUBLIC_APP_BEGIN_UID 10000
static ParamWorkSpace g_paramWorkSpace = {0};
@ -530,7 +531,10 @@ static int CheckParamPermission_(const ParamLabelIndex *labelIndex,
if (srcLabel->cred.uid == 0 && srcLabel->cred.pid == 1 && mode == DAC_WRITE) {
return DAC_RESULT_PERMISSION;
}
int ret = DacCheckParamPermission(labelIndex, srcLabel, name, mode);
int ret = 0;
if (srcLabel->cred.uid < PUBLIC_APP_BEGIN_UID) {
ret = DacCheckParamPermission(labelIndex, srcLabel, name, mode);
}
#ifdef PARAM_SUPPORT_SELINUX
if (ret == DAC_RESULT_PERMISSION) {
ret = SelinuxCheckParamPermission(labelIndex, srcLabel, name, mode);

2
services/param/linux/param_request.c
View File

@ -287,7 +287,6 @@ void ResetParamSecurityLabel(void)
paramSpace->flags |= WORKSPACE_FLAGS_NEED_ACCESS;
#endif
#endif
#ifdef SUPPORT_RESET_CLIENT_SOCKET
PARAM_LOGI("ResetParamSecurityLabel g_clientFd: %d ", g_clientFd);
pthread_mutex_lock(&g_clientMutex);
if (g_clientFd != INVALID_SOCKET) {
@ -295,5 +294,4 @@ void ResetParamSecurityLabel(void)
g_clientFd = INVALID_SOCKET;
}
pthread_mutex_unlock(&g_clientMutex);
#endif
}