[Dev] SMACK in Tizen

Vyacheslav Barinov v.barinov at samsung.com
Wed Oct 29 10:09:38 GMT 2014


Hello,

José Bollo <jose.bollo at open.eurogiciel.org> writes:

> Le mercredi 29 octobre 2014 à 10:08 +0300, Vyacheslav Barinov a écrit :
>> Hello,
>> 
>>  What is current SMACK state in Tizen:Common builds?
>
> Hi Vyacheslav,
>
> Tizen:Common is a work in progress implementation of the Security model
> of tizen 3 described by this wiki page:
> https://wiki.tizen.org/wiki/Security:SmackThreeDomainModel
>  
>>  I see smack-related packages installed into firmware but there are neither rules in
>>  /etc/smack/accesses.d nor security labels on binaries in latest snapshot firmware.
>
> It is not true. What did you inspected? Which image?

I've just tested tizen-common_20141028.4_common-x11-2parts-armv7l.tar.gz image from
https://download.tizen.org/snapshots/tizen/common/latest/images/arm-x11/common-x11-2parts-armv7l/

> You should found at least /etc/smack/accesses.d/default-ac-domain
>>  Is it firmware building bug or there was a decision to switch security off?
> None of this is true.
Yes, there is that file and rules loaded, I can see them in 'cat /sys/fs/smackfs/load'.
And do any user application files have xattrs on them? I found only several 'access="System"' marked
files in /proc.

> The current state is changing quickly. Peoples of Samsung are currently
> creating two main component of the coming Tizen 3: the cynara framework
> that that will allow security at an API level and the security-manager
> that will handle the smack rules for applications (see schedule here
> https://lists.tizen.org/pipermail/dev/2014-October/004610.html ).

Okay, thank you for information, if new security framework is being integrated I just chose a wrong
time to ask about nuances.

> Best regards
> José

Best Regards,
Vyacheslav Barinov


More information about the Dev mailing list