[Dev] SDK vs multiuser and security features

Schaufler, Casey casey.schaufler at intel.com
Wed Oct 29 16:34:27 GMT 2014


> -----Original Message-----
> From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Liu, Alice
> Sent: Tuesday, October 28, 2014 8:12 PM
> To: Dominig ar Foll (Intel OTC); dev at lists.tizen.org
> Cc: Ji, John; Mei, Paul
> Subject: Re: [Dev] SDK vs multiuser and security features
> 
> 
> Hi,
> 
> Let me raise two SDK specific issues. It may bring us more thinking about SDK
> user and security features.

You appear to be requesting that the SDK environment be
different from the production environment. I don't have a
problem with that, but we need to be clear that the basic
system behavior has to meet our production security
requirements. The SDK may choose to change some of
the system behavior to make for a better developer
experience.

> 1. Currently the journal log can only be accessed by the 'root' user; other users,
> including the 'app' user, cannot access it. But SDK developers need to get
> some logs, such as the web application console log or even the system level log, to
> address the causes once running applications have failed.

Controlling access to the system logs is a basic security
requirement. It would be easy enough to provide a service
in the SDK environment to allow access to the logs, but
it cannot go into the base system.

> 2. Some native apps' debugging tools such as gdbserver, oprofile and valgrind
> need a specific privilege to run. I am not sure what privilege they need in
> Tizen 3. They may need to access some kernel device nodes. I am concerned whether
> the 'app' user has the privilege to access kernel device nodes.
> Although currently the IVI SDK doesn't support native apps (I am not sure if the IVI
> SDK will also need to support native apps in future), it is a key issue for the Tizen
> SDK (including mobile SDK, wearable SDK, or others).

What did you have to do in a special way for Tizen 2?


> Thanks.
> Best regards,
> Alice
> 
> -----Original Message-----
> From: Dev [mailto:dev-bounces at lists.tizen.org] On Behalf Of Dominig ar Foll
> (Intel OTC)
> Sent: Tuesday, October 28, 2014 9:39 PM
> To: dev at lists.tizen.org
> Subject: [Dev] SDK vs multiuser and security features
> 
> Hello;
> 
> We have recently seen a set of bugs raised due to side effects of the SDK
> mode of operation based on Tizen 2 but used on Tizen 3.
> I would like to invite the SDK architects to express their view on the transfer
> from Tizen 2 to 3 operation mode and how they propose to update the SDK.
> 
> I see a few changes that will need to happen in order for the SDK to operate
> with Tizen 3 and we should address them sooner rather than later.
> There might be more.
> 
>   - user App is going away. So no cross profile assumption on a default user ID
> can be made any more. The SDK will have to connect as a real valid user.
>   - security and data privacy enforcement cannot be turned off and so faking
> user ID will not work.
>   - Security features are linked to the Kernel which is 3.14, and so the SDK
> should be aligned. It should run with security "on".
>   - sdb mode of operation is a security back door which needs to be fixed (or
> replaced)
> 
> It would be great to get a Wiki page created with your proposed model.
> 
> Regards
> 
> --
> Dominig ar Foll
> Senior Software Architect
> Open Source Technology Centre
> Intel SSG
> 
> _______________________________________________
> Dev mailing list
> Dev at lists.tizen.org
> https://lists.tizen.org/listinfo/dev

