[Dev] Sandbox mechanism

Patrick Ohly patrick.ohly at intel.com
Sun Dec 15 18:55:48 GMT 2013


On Fri, 2013-12-13 at 13:29 -0800, Peters, Brad T wrote:
> 
> On Fri, Dec 13, 2013 at 12:27 PM, Leibowitz, Michael <michael.leibowitz at intel.com> wrote:
>         On Fri, Dec 13, 2013 at 11:50 AM, Peters, Brad T
>         <brad.t.peters at intel.com> wrote:
>         > The thing to realize here is that Tizen is a bare-metal application
>         > environment - and this is a GOOD thing. We get major performance
>         
> ... 
>         > Tizen native apps are equivalent to system-level apps in that they all have
>         > PIDs and are true processes. The BIG difference is that, in Tizen, we have
>         > SMACK and systemd to limit and throttle what these processes can do, as well
>         > as top-to-bottom source-code review of all vendor supplied Apps.
>         
>         Review is not a replacement for security mechanisms.
> 
> 
> Yes. And security mechanisms are not a replacement for source review. 
> Why are you making irrelevant points?

I found it relevant. Most of the people here on the list will know that
a code review can't be perfect and thus runtime checks are useful. But
it doesn't hurt to be very explicit about this.

Regarding sandboxes: what Joel might have been looking for is protection
of all (or at least some) user space data (like contacts) from other
user space processes. Currently we don't have that in Tizen 3.0, and it is
not planned for 3.0 either. At least that's my understanding.

-- 
Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.
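The two points in this exchange, that a MAC layer such as SMACK can confine what a process may touch, and that this still leaves one app's user-space data (contacts, say) readable by other user-space processes, can be made concrete with a small evaluator of Smack access rules. This is an added illustration, not code from the thread or from the Tizen project; the label names, the rule lines and the helper names (parse_rules, smack_allows, readers_of) are constructed for the example and do not describe Tizen's actual policy. The Smack decision order it encodes (star and floor labels, the hat label, and the rule that matching subject and object labels grant every access) is the documented kernel behaviour; everything else is assumed.

```python
"""Toy evaluator for Smack access rules.

Added illustration, not code from the Tizen project or from the thread.
It shows how a MAC layer can confine what a process may touch and still
leave a user's data (the contacts store below) readable by every other
process in the same domain: Smack grants full access whenever subject
and object labels match, so isolation is only as fine as the labels.
Label names and rule lines are constructed for the example.
"""
from typing import Dict, FrozenSet, Iterable, List, Tuple

FLOOR = "_"   # objects labelled "_" are readable/executable by every subject
STAR = "*"    # objects labelled "*" are accessible to every subject;
              # a subject labelled "*" may access nothing but "*" objects
HAT = "^"     # a subject labelled "^" may read/execute any object

Rules = Dict[Tuple[str, str], FrozenSet[str]]


def parse_rules(text: str) -> Rules:
    """Parse smackload-style lines: '<subject> <object> <access>'.

    <access> is a string over 'rwxatbl'; '-' marks an absent mode."""
    rules: Rules = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        subject, obj, access = line.split()
        rules[(subject, obj)] = frozenset(c for c in access if c != "-")
    return rules


def smack_allows(rules: Rules, subject: str, obj: str, mode: str) -> bool:
    """Decide one access the way Smack applies its built-in label rules,
    then fall back to the explicit rule list."""
    if obj == STAR:
        return True
    if subject == STAR:
        return False
    if subject == obj:                     # same label: everything allowed
        return True
    if obj == FLOOR and mode in ("r", "x"):
        return True
    if subject == HAT and mode in ("r", "x"):
        return True
    return mode in rules.get((subject, obj), frozenset())


def readers_of(rules: Rules, subjects: Iterable[str], obj: str) -> List[str]:
    """Which of the given process labels may read the object label."""
    return sorted(s for s in subjects if smack_allows(rules, s, obj, "r"))


# Constructed coarse layout: every app process and the contacts store
# share one "User" label; privileged daemons run as "System".
COARSE_RULES = """
System User   rwxat
User   System -wx--
"""
COARSE_PROCS = {"User", "System"}   # app processes and a system daemon

# Constructed finer layout: each app has its own label and the contacts
# store is reachable only by the service that mediates access to it.
PER_APP_RULES = """
App::Contacts Data::Contacts rw---
App::Game     Data::Contacts -----
"""
PER_APP_PROCS = ["App::Contacts", "App::Game", "App::Mail"]


def coarse_readers() -> List[str]:
    """Processes able to read a contacts store labelled "User"."""
    return readers_of(parse_rules(COARSE_RULES), COARSE_PROCS, "User")


def per_app_readers() -> List[str]:
    """Processes able to read a contacts store labelled "Data::Contacts"."""
    return readers_of(parse_rules(PER_APP_RULES), PER_APP_PROCS, "Data::Contacts")


if __name__ == "__main__":
    print("coarse labels, readers of the contacts store:", coarse_readers())
    print("per-app labels, readers of the contacts store:", per_app_readers())
```

With the coarse layout every app process carries the same label as the contacts store, so the subject-equals-object rule lets all of them read it without any explicit rule; the MAC layer still separates "User" from "System", which is the confinement the thread credits to SMACK and systemd, but it says nothing about one app versus another. The per-app layout gets the missing protection only by giving each app its own label and writing rules for the one process that is meant to see the data.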
