[Dev] Cynara + multi-user + HOME

Patrick Ohly patrick.ohly at intel.com
Wed Apr 16 06:36:00 GMT 2014

On Tue, 2014-04-15 at 18:03 +0000, Schaufler, Casey wrote:
> > EDS gets started via D-Bus auto-activation. The data is following XDG
> > standards and thus ends up in $HOME. It runs with "User" label.
> > 
> > Will that service have to be modified?
> Is it managing "privileged" resources? If it Is it will have to
> start using Cynara to determine if requests for "privileged"
> resources should be served.

It stores contact data, so yes, it has to implement the checks. I was
wondering whether further changes will be necessary, like using other
data locations or running it differently. The answer to that seems to be

> > I looks to me like there is work going on about separating apps from the
> > three domains. Not knowing about that work is what caused this confusion
> > here for the rest of us (including me) who were not involved in that
> > effort. May I suggest that the Wiki page gets extended to cover also
> > these additional, per-app labels, and that more communication regarding
> > that effort happens here on the mailing list?
> Yes. There is still design being done with the crosswalk installation
> and application launch components that will influence what this
> will really look like. I would hate to document details that turn out
> to be incorrect.

Then perhaps start by removing or striking out the parts of the current
documentation which are known already to be incorrect. For example, this
section here about Tizen 3 seems wrong to me. Instead the section about
Tizen 2 seems to apply again:

        Differences Between Tizen 2 and Tizen 3
        In Tizen 2 security domains are assigned based on installation
        packages. All files and directories created by the package are
        put into a domain specified in the package manifest file. All
        programs in the package are installed to execute in that domain
        using the SMACK64EXEC file attribute.
        In Tizen 3 security domains are explicitly defined in advance by
        a crack team of security experts. Domains are defined in terms
        of the function they perform. Rather than assuming that a
        package defines a domain specific domains are initiated by
        systemd as it launches services. The role of packaging is
        significantly reduced. System files are stored where they can be
        used by any domain and only domain specific data needs to be

Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.

More information about the Dev mailing list