[Dev] The SAPI proposal
l.stelmach at samsung.com
Wed May 28 07:53:34 GMT 2014
It was <2014-05-27 wto 17:50>, when Dominig ar Foll (Intel OTC) wrote:
> Le 23/05/2014 14:33, José Bollo a écrit :
>> Hi all,
>> I just finished the wiki page that describes SAPI, the Secure CAPI,
>> proposal: https://wiki.tizen.org/wiki/Security/SAPI
> I would prefer to see the attribution of the Admin user to be done via
> a privilege table in Buxton rather than in a group because it would
> allow to propagate the information in the system without requiring for
> the new promoted user to relog.
Without "relogging" kernel won't acknowledge new permissions beaceuse
user processes won't have new GID on their list of supplementary groups
as set by setgroups(2). It's OK to put this information in a Buxton
table as long as we do not relay on kernel DAC.
Samsung R&D Institute Poland
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 489 bytes
Desc: not available
More information about the Dev