On 10.10.2013 20:06, Schaufler, Casey wrote:
Tizen uses Smack labels. In any case, you're going to have to set a security attribute. That is going to require privilege.
Given that we have things like SMACK and capabilities, do we really need to run this kind of thing as root with all possible privileges and capabilities available in the system?
Unfortunately, there is a perception that the exec() processing is too slow (I have yet to see numbers to back this up, but "everyone knows" this is the case) so it is standard practice to implement application launchers to speed the process up. The application launcher has to do everything that the exec() call does. That includes setting security attributes. As noted above, this requires privilege.
I understand the need for launchers. It heavily depends on how much of the runtime environment an application needs, mainly the number of shared libraries it uses. Another reason launchers are needed is that by default gcc exports _all_ non-static symbols of a shared library. This is insane, but unfortunately I rarely see proper export control being used on Linux (it is possible through gcc's attributes). For comparison, on Windows no symbols are exported by default and when creating a DLL you have to explicitly define symbols to be exported. This has a great effect on the overall dynamic linker performance. So the rest of the time is then time to run initialization code, and that of course depends on how much there is to initialize and how much of that could be done at app startup by memory mapping pre-initialized data with copy-on-write from storage (definitely the best way).
Interpreted environments are an entirely different matter; there the benefit may be even greater and harder to solve by other means.
