[Dev] Understanding Cynara scope.
l.wojciechow at partner.samsung.com
Thu May 15 12:47:38 GMT 2014
W dniu 2014-05-15 13:59, Kis, Zoltan pisze:
> On Thu, May 15, 2014 at 2:51 PM, José Bollo
> <jose.bollo at open.eurogiciel.org> wrote:
>> On gio, 2014-05-15 at 13:48 +0300, Kis, Zoltan wrote:
>>> Crosswalk is using separate processes (not threads) for app/renderer,
>>> extension process and browser process. Security involves the extension
>>> process for checks (unless it's done on lower layers), and the browser
>>> process to present user dialog on permissions.
>> Zoltan, from my understanding, the user dialog is a separate mechanism
>> that is provided by components of Cynara. This is needed I think for
>> letting privilege managed at a single place with a single visual in a
>> trusted way.
>> So I don't imagine crosswalk being displaying the dialog.
>> Do you agree?
>> What is proposal of cynara developers?
In case of check that will need to popup some dialog for user - cynara
will launch such popup and return answer for check after user
interaction with popup.
Probably in most cases such popup won't be needed as result of check
will be ALLOW or DENY.
All these special policy types other than ALLOW or DENY will be defined
in plugins for cynara.
In currently being merged cynara-bootstrap version You won't find it.
In next stable version (first based on cynara daemon) planned for 1st
half on June You won't find it either.
However it is in scope of our tasks and will be done. I will update
Cynara wiki page when schedule will be more detailed.
So summing up:
Cynara will be responsible for launching popups if needed.
> Sakari promised to clarify on crosswalk related security issues, if he
> gets some radio silence in order to be able to catch up. Let's wait
> for that :).
> Best regards,
> Dev mailing list
> Dev at lists.tizen.org
More information about the Dev