blob: dd4e72a62d124e4d4b11cacd64a2bc65254516bb (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="generator" content="pandoc">
<meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=yes">
<meta name="author" content="José Bollo">
<title>The security framework</title>
<style type="text/css">code{white-space: pre;}</style>
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link rel="stylesheet" href="doc.css">
</head>
<body>
<header>
<h1 class="title">The security framework</h1>
<h2 class="author">José Bollo</h2>
<h3 class="date">24 juin 2016</h3>
</header>
<nav id="TOC">
<ul>
<li><a href="#the-security-framework">The security framework</a><ul>
<li><a href="#setting-smack-rules-for-the-application">Setting Smack rules for the application</a></li>
<li><a href="#what-user-can-run-an-application">What user can run an application?</a></li>
</ul></li>
</ul>
</nav>
<h1 id="the-security-framework">The security framework</h1>
<p>NOT STARTED !!!!!!</p>
<h2 id="setting-smack-rules-for-the-application">Setting Smack rules for the application</h2>
<p>For Tizen, the following rules are set by the security manager for each application.</p>
<pre><code>System ~APP~ rwx
System ~PKG~ rwxat
System ~PKG~::RO rwxat
~APP~ System wx
~APP~ System::Shared rxl
~APP~ System::Run rwxat
~APP~ System::Log rwxa
~APP~ _ l
User ~APP~ rwx
User ~PKG~ rwxat
User ~PKG~::RO rwxat
~APP~ User wx
~APP~ User::Home rxl
~APP~ User::App::Shared rwxat
~APP~ ~PKG~ rwxat
~APP~ ~PKG~::RO rxl</code></pre>
<p>Here, <sub>PKG</sub> is the identifier of the package and <sub>APP</sub> is the identifier of the application.</p>
<h2 id="what-user-can-run-an-application">What user can run an application?</h2>
<p>Not all user are able to run all applications. How to manage that?</p>
</body>
</html>
|
