It was <2014-04-07 Mon 10:13>, when 이동선 wrote:
> Hi, all.
> I am Dongsun Lee working in Tizen security part at Samsung.
>
> We are studying how to minimize the root processes in Tizen 3.0.
> To do that, one of what we need is the system user id policy to replace the
> root user.
>
> So I proposed the policy, "one system user per domain" (refer to the below
> mail).
> Even if only one man wrote the response mail, I think people agreed with it.
> So I went further.
>
> There is no daemon in some domains, so they don't need the system user.
> And there may be more than two daemons in one domain.
> In that case, one system user will be assigned for those daemons.
> (If other system users are needed except the system users of domains,
> it should be examined first by the security engineers before it is assigned.)
>
> Following is the example of the system user assignment.
> ---------------------------------------------
> [Domain] - [system user name]
[...]

I am not sure if strict assumptions like one-uid-per-daemon or one-uid-per-domain are good starting points. My Linux experience tells me that we should take them with a grain of salt and be prepared to make decisions on a case-by-case basis. The former policy may be too strict and require some code to be rewritten, possibly from scratch, which may be quite a lot of work. The latter, however, seems too slack and not secure enough.

-- 
Łukasz Stelmach
Samsung R&D Institute Poland
Samsung Electronics
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
