Hello,
when defining the Multi User strategy for Tizen 3, full Linux containers as well as the use of specific name spaces were investigated. We have even done some proofs of concept with Name Spaces to see what the side effects of name spaces were in the specific use of a connected secured device, which is the domain of interest for Tizen.

In short (you can always ask Stéphane Desneux on this list if you want more details on the PoC), we found out that we could use name spaces to further isolate users in a Tizen 3 multi user environment, but the performance and complexity cost in sharing data and resources between users was not favourable against the perceived use case of Multi User in Tizen 3.

If you look carefully at the Tizen 3 Multi User architecture, you will notice that nothing stops one from creating an implementation using Name Spaces if required, but we have decided not to do it in the current development phase.

The security requirements of the known Multi User use cases (which are more related to improved multi profiles rather than full bulletproof user isolation) can be delivered with Smack without taking on the burden of Name Spaces, and we want to keep Tizen 3 as simple as possible.

Regards

Dominig ar Foll
Senior Architect
Intel Open Source Technology Centre

On 11/03/2014 15:14, Jan Olszak wrote:

When I give my phone away I'm not only concerned about what this user can do, but rather what the applications that he will install can do. In this case starting a container would give you greater protection than just creating a new user. So yes, maybe containers could be a good technology to implement this.

"Not Umbrella Containers" operate under the assumption that we all failed - that there is a hole and a malicious application can use it to do stuff. NUC would place a concrete wall between the private and business environments, so malicious apps still can do stuff but only in one environment. That is the use case we are concentrating on.
The main threat for the security of the user is the user himself. I would accept any set of permissions just to get this Tree Climbing Game I long for, but at least I wouldn't imperil my business data.

Thanks,
Jan

-----Original Message-----
From: Jarkko Sakkinen [mailto:[email protected]]
Sent: Tuesday, March 11, 2014 11:33 AM
To: MyungJoo Ham
Cc: Schaufler, Casey; Jan Olszak; [email protected]
Subject: Re: [Dev] Linux Containers on Tizen

On Tue, Mar 11, 2014 at 01:56:33AM +0000, MyungJoo Ham wrote:
> Not related with multi-user project at least for now. It is an independent project and it does not assume that the two domains have different users.

In the first mail there was a use case where you would give your phone or tablet to your child. Should multi-user address the same use case or not?

The main difference I see between multi-user and this is that:

1. Multi-user is a feature and proper technologies are chosen to implement it.
2. Containers (a not that well defined umbrella term for Linux namespaces and cgroups when you combine them) is a technology. You might use parts of it for implementing features such as multi-user support.

With my limited knowledge of this effort it really looks as if someone was climbing feet first into the tree.

/Jarkko

_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
