[Dev] enforcing priviliges of web apps (was: Re: New Tizen Bluetooth Framwork (NTB) wiki page)

Patrick Ohly patrick.ohly at intel.com
Tue May 13 09:16:18 GMT 2014

On Tue, 2014-05-13 at 10:49 +0200, José Bollo wrote:
> On mar, 2014-05-13 at 10:30 +0200, Patrick Ohly wrote:
> > I understand and agree that the system needs to enforce privileges. But
> > if all Web apps run in the same Crosswalk process, doesn't that force
> > Crosswalk to become a trusted part of the system?
> Hi,
> The process model of Crosswalk is more complicated: IIRC, for one
> application, 2 processes are launched. The launcher (aul, aul-ng) will
> take care to set good ids and context to these processes.

So Crosswalk will not be "having a single Web process for all App"?

They key question is: will a service contacted by Crosswalk via D-Bus be
able to identify which app it is servicing?

> > It can't delegate the enforcement to the rest of the system, because
> > that rest will just see one process making various requests, without
> > being able to tell on behalf of which app that request was made.
> > 
> > Cynara as discussed so far on this list does not cover this.
> right but is it needed?

That depends on who is expected to do the enforcement (D-Bus services or
some proxy) and whether we need to accommodate for a single process
hosting multiple apps.

> (*) Are native apps to be supported? The answer seems to depend on the
> people you are asking. For me the answer is yes because it is harder to
> secure.

I agree, there doesn't seem to be a consensus here. Not only is it
uncertain whether it is needed, it is also unclear which APIs need to be
available to native apps.

Best Regards, Patrick Ohly

The content of this message is my personal opinion only and although
I am an employee of Intel, the statements I make here in no way
represent Intel's position on the issue, nor am I authorized to speak
on behalf of Intel on this matter.

More information about the Dev mailing list