[Dev] Security Domains on Tizen 3

Schaufler, Casey casey.schaufler at intel.com
Tue Dec 31 23:28:55 GMT 2013


There seems to be some remaining confusion regarding security domains on Tizen 3. All profiles, including IVI and Mobile, are using the three domain model https://wiki.tizen.org/wiki/Security:SmackThreeDomainModel and all packages are required to have manifests in the packaging directory. At this point you should not be creating Smack domains. The default manifest should be used. If you don't think this is right, please contact me.

Files that you create will be given the Smack label of the running process. If you run zypper from a User shell the files will get installed labeled User. You can check your process Smack label using the id command, and see the Smack label of files using "ls -Z" or chsmack. If there is any doubt, you should install packages with a process Smack label of floor ("_").

                # echo _ > /proc/self/attr/current
                # your install commands here

If you see files with Smack labels that are not described in the wiki page above there is a problem. Please let me know about it. I already know about the labels beginning with "AMB". The description of those should be in the wiki shortly.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tizen.org/pipermail/dev/attachments/20131231/cf24e283/attachment.html>


More information about the Dev mailing list