> -----Original Message----- > From: Tomasz Swierczek [mailto:[email protected]] > Sent: Monday, March 03, 2014 2:22 AM > To: Schaufler, Casey; Macieira, Thiago; [email protected] > Subject: RE: [Dev] Update of security framework repositories > > Sorry for such a long delay in responding. > > > > I think that a public (but not tizen) branch is a good idea. > > > How about: we will develop on "origin/tizen_mobile" branches in these > repositories for now, to update mobile/RD-PQ OBS projects (our reference > device, the mobile). This will not conflict with your IVI code on tizen > branch.
OK. The issue that I had raised is not so much about the code as the use of Smack policy. If we can use the branch to develop the Smack policy, and make doing that a priority, we can merge into the Tizen branch without too much delay. > However, I believe we should discuss (maybe F2F) how to keep common code > with different configurations in one repository. We could work on one branch > and use conditional gbs macros to build alternative versions or just stick > with > different branches. This problem will be important for both of us when working > on our Smack rules - you have Crosswalk WRT, we (currently) have our own > WRT, you have AMB domain - we (in mobile) will not have Automotive > Message Broker for sure, maybe an MMB or sth else. I remember some old > Symbian phones having a "Nokia" directory in the file system, even those were > not Nokia phones. I believe we should not follow this route :-) I think that the use of branches should be limited to a single task, in this case moving to the three domain label policy. Once the domain definition work is done the wiki page gets updated and the code merged. > > > There are a bunch of files that contain Smack rules in the > libprivilege-control/permissions directory. Many of these rules provide rw > access. It is OK for peer domains to have rw access, but I would like the > intent > documented. Why are they labeled differently if they have full access? > > > These files are left because those were already in repository for a while, on > tizen branch actually, and the merge is from sandbox to tizen branch. If you > look at the sandbox we're merging from > (remotes/origin/sandbox/kjackiewicz/samsung_devel), it doesn't contain the > configuration, as I told you - it is in smack-privilege-config repository. The gerrit request included the Smack rules files. > We'd like to keep it separately - and work on 3-domain-like model there. Yes, that seems good. > Ideally, with services everywhere, the configuration would be so simple, > there'll > be no need for it, however this needs discussions and for now we'd only want > to > update library's code, remove the permissions/ directory and continue work > from there. I think I agree. > > > Please let me know if its okay for you if we abandon these changes and push > them once again to "origin/tizen_mobile" branches. > I would be fine with that. It gets the code and configuration in a place where we can see it and work out the issues. _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
