[Dev] Cynara + multi-user + HOME

Schaufler, Casey casey.schaufler at intel.com
Wed Apr 16 15:34:21 GMT 2014

> -----Original Message-----
> From: Patrick Ohly [mailto:patrick.ohly at intel.com]
> Sent: Tuesday, April 15, 2014 11:36 PM
> To: Schaufler, Casey
> Cc: Le Foll, Dominique; Lukasz Wojciechowski; Carsten Haitzler (The
> Rasterman); dev at lists.tizen.org
> Subject: Re: [Dev] Cynara + multi-user + HOME
> On Tue, 2014-04-15 at 18:03 +0000, Schaufler, Casey wrote:
> > > EDS gets started via D-Bus auto-activation. The data is following
> > > XDG standards and thus ends up in $HOME. It runs with "User" label.
> > >
> > > Will that service have to be modified?
> >
> > Is it managing "privileged" resources? If it Is it will have to start
> > using Cynara to determine if requests for "privileged"
> > resources should be served.
> It stores contact data, so yes, it has to implement the checks. I was
> wondering whether further changes will be necessary, like using other data
> locations or running it differently. The answer to that seems to be no.
> > > I looks to me like there is work going on about separating apps from
> > > the three domains. Not knowing about that work is what caused this
> > > confusion here for the rest of us (including me) who were not
> > > involved in that effort. May I suggest that the Wiki page gets
> > > extended to cover also these additional, per-app labels, and that
> > > more communication regarding that effort happens here on the mailing
> list?
> >
> > Yes. There is still design being done with the crosswalk installation
> > and application launch components that will influence what this will
> > really look like. I would hate to document details that turn out to be
> > incorrect.
> Then perhaps start by removing or striking out the parts of the current
> documentation which are known already to be incorrect. For example, this
> section here about Tizen 3 seems wrong to me. Instead the section about
> Tizen 2 seems to apply again:
>         Differences Between Tizen 2 and Tizen 3
>         In Tizen 2 security domains are assigned based on installation
>         packages. All files and directories created by the package are
>         put into a domain specified in the package manifest file. All
>         programs in the package are installed to execute in that domain
>         using the SMACK64EXEC file attribute.
>         In Tizen 3 security domains are explicitly defined in advance by
>         a crack team of security experts. Domains are defined in terms
>         of the function they perform. Rather than assuming that a
>         package defines a domain specific domains are initiated by
>         systemd as it launches services. The role of packaging is
>         significantly reduced. System files are stored where they can be
>         used by any domain and only domain specific data needs to be
>         identified.

I can see where some clarification is in order. The discussion above is
about RPM installation of system packages, not user installation of
downloaded applications.

> --
> Best Regards, Patrick Ohly
> The content of this message is my personal opinion only and although I am an
> employee of Intel, the statements I make here in no way represent Intel's
> position on the issue, nor am I authorized to speak on behalf of Intel on this
> matter.

More information about the Dev mailing list