[Dev] Tizen 3.0 proposal for applications launch

Jussi Laako jussi.laako at linux.intel.com
Wed Oct 16 10:23:17 GMT 2013


On 10.10.2013 20:06, Schaufler, Casey wrote:
> Tizen uses Smack labels. In any case, you're going to have
> to set a security attribute. That is going to require privilege.

Given that we have things like SMACK and capabilities, do we really need 
to run this kind of thing as root with all possible privileges and 
capabilities available in the system?

> Unfortunately, there is a perception that the exec()
> processing is too slow (I have yet to see numbers to
> back this up, but "everyone knows" this is the case)
> so it is standard practice to implement application
> launchers to speed the process up. The application
> launcher has to do everything that the exec() call
> does. That includes setting security attributes.
> As noted above, this requires privilege.

I understand need for launchers. It heavily depends on how much of 
runtime environment an application needs, mainly number of shared 
libraries it uses. Another reason launchers are needed, is that by 
default gcc exports _all_ non-static symbols of a shared library. This 
is insane, but unfortunately I rarely see proper export control being 
used on Linux (it is possible through gcc's attributes). For comparison, 
on Windows no symbols are exported by default and when creating a DLL 
you have to explicitly define symbols to be exported. This has great 
effect on the overall dynamic linker performance. So rest of the time is 
then time to run initialization code, and that of course depends on how 
much there is to initialize and how much of that could be done at app 
startup by memory mapping pre-initialized data with copy-on-write from 
storage (definitely best way).

Interpreted environments are entirely different matter, there the 
benefit may be even greater and harder to solve by other means.



More information about the Dev mailing list