[Dev] Which Com are used to implement services required by WebAPI. - MessagePort

Amarnath Valluri amarnath.valluri at linux.intel.com
Fri May 16 07:12:51 GMT 2014


On 05/15/2014 07:01 PM, Rafał Krypa wrote:
> On 2014-05-15 10:19, Amarnath Valluri wrote:
>> On 05/15/2014 10:27 AM, Patrick Ohly wrote:
>>> On Thu, 2014-05-15 at 10:09 +0300, Amarnath Valluri wrote:
>>>> Hi Domining,
>>>>
>>>> MessagePort WebAPI on Tizen IVI is not using '
>>>> platform/core/appfw/message-port', instead it uses :
>>>> platfrom/ivi/message-port, which is peer-to-peer DBus based
>>>> implementation.
>>> Out of curiosity, and because it is relevant for the security
>>> discussion: can you describe the data flow from Web App through
>>> Crosswalk to a native app listening on a message port? In particular,
>>> which Crosswalk process is contacting the native side, which Smack 
>>> label
>>> does it have, and where is D-Bus involved in this?
>>>
>> The backend messageport daemon works just as a proxy between two 
>> applications.
>> All Tizen applications which required to exchange data via 
>> MessagePort will open a connection with the daemon.
>> It treats both Native and Web applications same.
>>
>> In crosswalk the xwalk extension process requests(via peer-to-peer 
>> dbus socket) the 'messageportd'
>> on behalf of web app to send message-data to peer(running) 
>> application. Then the messageport daemon
>> finds the right 'client' based on the requested 'app-id', and signals 
>> the app with the message data.
>
> Does messageport implement any kind of policy, deciding which 
> application is able to contact which?
> If there is, it should probably switch to use Cynaraas a source of 
> policy.If there isn't such thing, I'd like to suggest a discussion 
> about needs and possible ways for implementing it.
Currently, Messageport daemon is not doing any policy check/decisions 
except for trusted message ports, which are only accessed by 
applications signed with same certificate. Other than this it merely 
acts as a proxy, where any application can use this service to exchange 
messages. And I think the messageport daemon has not enough information 
to do such validation, I assume its handled by applications which 
publish the services using this messageport service.

- Amarnath
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.tizen.org/pipermail/dev/attachments/20140516/ac096238/attachment.html>


More information about the Dev mailing list