> -----Original Message----- > From: Łukasz Stelmach [mailto:[email protected]] > Sent: Monday, November 18, 2013 12:38 AM > To: Schaufler, Casey > Cc: Tizen Dev > Subject: Re: [Dev] The 3 Smack domain status > > It was <2013-11-15 pią 22:56>, when Schaufler, Casey wrote: > > The User domain: > > > > The user experience is provided by the display manager and the > > application launcher. They have been set to run in the User domain. > > The appropriate manifest files will be updated as part of the merge. > > Because these services are managed by systemd the User domain is > > granted access to the System::Run label and hence the /run directory. > > What about $XDG_RUNTIME_DIR (/run/usr/$UID)? Shouldn't these > directories be labeled with something like User::Run?
That will depend on what talks to the user bus. At this point all user processes are running with the label User. When we start dividing the User domain into peer domains you're probably right. We'll grill that fish when we've caught it. > > The /run directory is a resource managed by systemd and must not be > > used as a repository for other data. > > <nitpicking> > This isn't exactly true. UDisks2 for example mounts removable media under > /run/media. > </nitpicking> That puts them on separate filesystems, with their own smack configuration. It would probably have been better to say "/run filesystem" than "/run directory". > > > -- > Łukasz Stelmach > Samsung R&D Institute Poland > Samsung Electronics _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
