Multi-user Analysis

From Tizen Wiki
Jump to: navigation, search

This page gives the details on the analysis that was done to detect offending packages (in regard to multiuser architecture).


Packages matrix

In the following document, we summarize the patterns matched by the offending packages and bug information entered in Jira.

Multiuser_matrix_of_packages.ods


Log files

A tarball has been uploaded on Jira in PTF-3

Log file names correspond to gerrit repository names with some abbreviations:

  • p for platform
  • c for core
  • a for app
  • ...

How to reproduce

Some regular expressions have been used on source code to detect hardcoded paths, uids etc.

To reproduce on a given project:

  • clone the project (git clone ...)
  • create a pattern.list file with the following content:
\s5000[^0-9]
/app/
"app"
'app'
chown\s
%attr\(.*app
setuid\s*\(
seteuid\s*\(
sqlite3_open\s*\(
sqlite3\s
db_util_open\s*\(
dbspace
opt/usr
opt/home
etc/usr
  • run the following grep command:
 grep --exclude-dir=.git -srn -E -f pattern.list <project_directory>