From 4a1409460a7c0a5d26fe10b5f84368b3cb8b8b5a Mon Sep 17 00:00:00 2001 From: José Bollo Date: Wed, 26 Oct 2016 18:24:13 +0200 Subject: doc: switch to mkdocs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: José Bollo --- doc/application-framework.html | 94 ------------------------------------------ 1 file changed, 94 deletions(-) delete mode 100644 doc/application-framework.html (limited to 'doc/application-framework.html') diff --git a/doc/application-framework.html b/doc/application-framework.html deleted file mode 100644 index 8d0e0e3..0000000 --- a/doc/application-framework.html +++ /dev/null @@ -1,94 +0,0 @@ - - - - - - - - - Application framework - - - - - -

Application framework

José Bollo

Fulup Ar Foll

24 juin 2016

- -

Application framework

Foreword

This document describes application framework fundamentals. FCF (Fully Conform to Specification) implementation is still under development. It may happen that current implementation somehow diverges with specifications.

Overview

The application framework on top of the security framework provides components to install and uninstall applications as well as to run them in a secured environment.

The goal of the framework is to manage applications and hide security details to applications.

For the reasons explained in introduction, it was choose not to reuse Tizen application framework directly, but to rework a new framework inspired from Tizen.

fundamentals remain identical: the applications are distributed in a digitally signed container that should match widget specifications normalized by the W3C. This is described by the technical recommendations widgets and widgets-digsig of the W3 consortium.

As today this model allows the distribution of HTML, QML and binary applications but it could be extended to any other class of applications.

The management of widget package signatures. Current model is only an initial step, it might be extended in the future to include new feature (ie: incremental delivery).

Comparison to other frameworks

Tizen framework

xdg-app

ostro

organization of directory of applications

The main path for applications are: APPDIR/PKGID/VER.

Where:

APPDIR is as defined above
PKGID is a directory whose name is the package identifier
VER is the version of the package MAJOR.MINOR

The advantage of such an organization is to allow several versions to live together. This is required for multiple reasons (ie: roll back) and to comply with developers habits.

Identity of installed files

All the files are installed as user "userapp" and group "userapp". All files have rw(x) for user and r-(x) for group and others.

This allows any user to read files.

labeling the directories of applications

organization of data

The data of a user are contain within its directory and are labeled using the application labels

Setting Smack rules for the application

For Tizen, the following rules are set by the security manager for each application.

System ~APP~             rwx
-System ~PKG~             rwxat
-System ~PKG~::RO         rwxat
-~APP~  System            wx
-~APP~  System::Shared    rxl
-~APP~  System::Run       rwxat
-~APP~  System::Log       rwxa
-~APP~  _                 l
-User   ~APP~             rwx
-User   ~PKG~             rwxat
-User   ~PKG~::RO         rwxat
-~APP~  User              wx
-~APP~  User::Home        rxl
-~APP~  User::App::Shared rwxat
-~APP~  ~PKG~             rwxat
-~APP~  ~PKG~::RO         rxl

Here, _PKG is the identifier of the package and _APP is the identifier of the application.

What user can run an application?

Not all user are able to run all applications. How to manage that?

- - -- cgit 1.2.3-korg