gsignond has access control list per stored data item. Each list item consists
of security context item which in turn is a pair of system context and
application context.
System context on normal Linux with DAC security model is binary path of the
executable. On Tizen, system context is SMACK label. gsignond retrieves the
system context of the peer process from the OS. Application context is checked
after system context check is passed and application context is used for
runtimes where there may be multiple applications hiding behind single native
executable/process. Application context is filled in by the native binding code
implemented for the runtime.
For more detailed information, you can refer to gSSO documentation and
01.org/gsso
Best regards,
- Jussi
> -----Original Message-----
> From: Santos, Thiago
> Sent: Thursday, June 19, 2014 1:01 PM
> To: Balestrieri, Francesco; Zaman, Imran; [email protected]
> project.org
> Cc: Laako, Jussi
> Subject: Re: [Crosswalk-dev] Intent to implement (RE: WebAPI needed for
> Single Sign on)
>
> Halton's security concerns about this API are valid.
>
> If I login on my Gmail account using mail client app A, how do I prevent evil
> app B from reading my email?
>
> On 10-06-2014 13:44, Balestrieri, Francesco wrote:
> > Hi,
> >
> > this counts as an Intent to implement, Thiago, Halton and others please
> comment.
> >
> > Please follow the proper format in the future:
> > https://crosswalk-project.org/#contribute/contributing-code/Declare-yo
> > ur-%22intent-to-implement%22
> >
> > Francesco
> >
> >> -----Original Message-----
> >> From: Crosswalk-dev [mailto:[email protected]
> >> project.org] On Behalf Of Zaman, Imran
> >> Sent: Monday, June 09, 2014 11:05 AM
> >> To: [email protected]
> >> Cc: Laako, Jussi
> >> Subject: [Crosswalk-dev] WebAPI needed for Single Sign on
> >>
> >> Hei!
> >>
> >> I have started implementation of WebAPI extension on crosswalk for
> gSSO.
> >> Use case is to have support for OAuth and other authentication
> >> methods for web applications. gSSO would also bridge/unify
> >> authentication between native and web applications. More details can be
> found at:
> >>
> >> Crosswalk jira bug is reported at: https://crosswalk-
> >> project.org/jira/browse/XWALK-1877
> >> Tizen jira bug is documented at:
> >> https://bugs.tizen.org/jira/browse/TIVI-
> >> 2718
> >>
> >> Widl file can be accessed at:
> >> http://code.google.com/p/accounts-
> >> sso/source/browse/widl/signon.widl?repo=libgsignon-glib&name=devel
> >>
> >> BR
> >> imran
> >> ---------------------------------------------------------------------
> >> Intel Finland Oy
> >> Registered Address: PL 281, 00181 Helsinki Business Identity Code:
> >> 0357606 -
> >> 4 Domiciled in Helsinki
> >>
> >> This e-mail and any attachments may contain confidential material for
> >> the sole use of the intended recipient(s). Any review or distribution
> >> by others is strictly prohibited. If you are not the intended
> >> recipient, please contact the sender and delete all copies.
> >>
> >> _______________________________________________
> >> Crosswalk-dev mailing list
> >> [email protected]
> >> https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
> > ---------------------------------------------------------------------
> > Intel Finland Oy
> > Registered Address: PL 281, 00181 Helsinki Business Identity Code:
> > 0357606 - 4 Domiciled in Helsinki
> >
> > This e-mail and any attachments may contain confidential material for
> > the sole use of the intended recipient(s). Any review or distribution
> > by others is strictly prohibited. If you are not the intended
> > recipient, please contact the sender and delete all copies.
> >
> > _______________________________________________
> > Crosswalk-dev mailing list
> > [email protected]
> > https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
> >
---------------------------------------------------------------------
Intel Finland Oy
Registered Address: PL 281, 00181 Helsinki
Business Identity Code: 0357606 - 4
Domiciled in Helsinki
This e-mail and any attachments may contain confidential material for
the sole use of the intended recipient(s). Any review or distribution
by others is strictly prohibited. If you are not the intended
recipient, please contact the sender and delete all copies.
_______________________________________________
Crosswalk-dev mailing list
[email protected]
https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
