<html> <head> <link rel="stylesheet" type="text/css" href="doc.css"> <meta charset="UTF-8"> </head> <body> <a name="Application.framework"></a> <h1>Application framework</h1> <pre><code>version: 1 Date: 15 March 2016 Author: José Bollo </code></pre> <a name="Foreword"></a> <h2>Foreword</h2> <p>This document describes what we intend to do. It may happen that our current implementation and the content of this document differ.</p> <p>In case of differences, it is assumed that this document is right and the implementation is wrong.</p> <a name="Overview"></a> <h2>Overview</h2> <p>The application framework on top of the security framework provides the components to install and uninstall applications and to run it in a secured environment.</p> <p>The goal is to manage applications and to hide the details of the security framework to the applications.</p> <p>For the reasons explained in introduction, we did not used the application framework of Tizen as is but used an adaptation of it.</p> <p>The basis is kept identical: the applications are distributed in a digitally signed container that must match the specifications of widgets (web applications). This is described by the technical recomendations <a href="http://www.w3.org/TR/widgets" title="Packaged Web Apps">widgets</a> and <a href="http://www.w3.org/TR/widgets-digsig" title="XML Digital Signatures for Widgets">widgets-digsig</a> of the W3 consortium.</p> <p>This model allows the distribution of HTML, QML and binary applications.</p> <p>The management of signatures of the widget packages This basis is not meant as being rigid and it can be extended in the futur to include for example incremental delivery.</p> <a name="Comparison.to.other.frameworks"></a> <h2>Comparison to other frameworks</h2> <a name="Tizen.framework"></a> <h3>Tizen framework</h3> <a name="xdg-app"></a> <h3>xdg-app</h3> <a name="ostro"></a> <h3>ostro</h3> <a name="Organisation.of.directory.of.applications"></a> <h1>Organisation of directory of applications</h1> <p>The main path for applivcations are: APPDIR/PKGID/VER.</p> <p>Where:</p> <ul> <li>APPDIR is as defined above</li> <li>PKGID is a directory whose name is the package identifier</li> <li>VER is the version of the package MAJOR.MINOR</li> </ul> <p>This organisation has the advantage to allow several versions to leave together. This is needed for some good reasons (rolling back) and also for less good reasons (user habits).</p> <a name="Identity.of.installed.files"></a> <h2>Identity of installed files</h2> <p>All the files are installed as the user “userapp” and group “userapp”. All files have rw(x) for user and r-(x) for group and others.</p> <p>This allows any user to read the files.</p> <a name="Labelling.the.directories.of.applications"></a> <h2>Labelling the directories of applications</h2> <a name="Organisation.of.data"></a> <h1>Organisation of data</h1> <p>The data of a user are in its directory and are labelled using the labels of the application</p> <a name="Setting.Smack.rules.for.the.application"></a> <h1>Setting Smack rules for the application</h1> <p>For Tizen, the following rules are set by the security manager for each application.</p> <pre><code>System ~APP~ rwx System ~PKG~ rwxat System ~PKG~::RO rwxat ~APP~ System wx ~APP~ System::Shared rxl ~APP~ System::Run rwxat ~APP~ System::Log rwxa ~APP~ _ l User ~APP~ rwx User ~PKG~ rwxat User ~PKG~::RO rwxat ~APP~ User wx ~APP~ User::Home rxl ~APP~ User::App::Shared rwxat ~APP~ ~PKG~ rwxat ~APP~ ~PKG~::RO rxl </code></pre> <p>Here, ~PKG~ is the identifier of the package and ~APP~ is the identifier of the application.</p> <a name="What.user.can.run.an.application."></a> <h1>What user can run an application?</h1> <p>Not all user are able to run all applications. How to manage that?</p> </body> </html>