[Dev] Tizen 3.0 proposal for applications launch
jussi.laako at linux.intel.com
Wed Oct 16 10:23:17 GMT 2013
On 10.10.2013 20:06, Schaufler, Casey wrote:
> Tizen uses Smack labels. In any case, you're going to have
> to set a security attribute. That is going to require privilege.
Given that we have things like SMACK and capabilities, do we really need
to run this kind of thing as root with all possible privileges and
capabilities available in the system?
> Unfortunately, there is a perception that the exec()
> processing is too slow (I have yet to see numbers to
> back this up, but "everyone knows" this is the case)
> so it is standard practice to implement application
> launchers to speed the process up. The application
> launcher has to do everything that the exec() call
> does. That includes setting security attributes.
> As noted above, this requires privilege.
I understand need for launchers. It heavily depends on how much of
runtime environment an application needs, mainly number of shared
libraries it uses. Another reason launchers are needed, is that by
default gcc exports _all_ non-static symbols of a shared library. This
is insane, but unfortunately I rarely see proper export control being
used on Linux (it is possible through gcc's attributes). For comparison,
on Windows no symbols are exported by default and when creating a DLL
you have to explicitly define symbols to be exported. This has great
effect on the overall dynamic linker performance. So rest of the time is
then time to run initialization code, and that of course depends on how
much there is to initialize and how much of that could be done at app
startup by memory mapping pre-initialized data with copy-on-write from
storage (definitely best way).
Interpreted environments are entirely different matter, there the
benefit may be even greater and harder to solve by other means.
More information about the Dev