On 11.4.2014 11:39, José Bollo wrote:
Of course I make the particular binary u+s root.

That is a kind of nuclear fire that you are putting on our temple.

Question: how will a Tizen user be allowed to do that?

Generally I prefer finer-grained control based, for example, on CAPS instead of setuid(0).

We are talking about OS components here, aren't we? Not about regular user apps.

What I want to do is to try to protect system components from possible exploits in other system components. So that exploiting one system component doesn't open up the entire device.

Since we deviated to talk about display managers...

I've spent countless hours discussing secure PIN entry GUIs and such in the past. There are many ways of doing it, with various levels of security. From simple things (like those implemented in pinentry-gtk/pinentry-qt) all the way to display hardware take-over using a secure co-processor.

One part of the story is how to prevent a malicious third-party application from mimicking the entire GUI of the device by utilizing full-screen mode. Or faking system pop-up dialogs. Things like access-controlled access to some screen areas like the notification area, or use of an access-controlled LED indicator or such.

It becomes even more tricky when there are in-app purchases, especially for games operating in full-screen mode. Protecting your app-store account in such cases is important while at the same time making such things possible.
