[Dev] Tizen security workshop - summary
jobol at nonadev.net
Wed Aug 27 13:16:59 GMT 2014
On lun, 2014-07-14 at 13:06 +0200, Tomasz Swierczek wrote:
> 6. We agreed that we will develop launcher that will be
> responsible for native applications
> a. We decided that for now we will try to perform standard exec()
> after setting up proper security context
> b. Contact point: Jose Bollo
I just worked on the topic these last 2 days. The main problem currently
is to add supplementary groups needed for some privileges (the typical
example being video IIRC).
To achieve the work, i first want to iterate with you on few items.
I'm finding that there is a need to have a kind of database mapping
privileges to groups that have to be added to the process. Is there any
plan about such knowledge DB? Do you expect it to be sqlite? Should it
be queried using client/server or directly?
After having put the groups directly, I'm now considering that it would
be better to ask for Cynara. This will be slower but will let the system
decide to grant or not the accesses after user confirmation if needed.
Do you agree?
Then what about an integration of the topic into cynara client API? Just
an idea because it seems changing too much things while the job can be
done in an other way.
I'm also asking me if other clients (tizen-extension-crosswalk for
example) will need to add groups dynamically?
More information about the Dev