Hi all,

I finalized the proof of concept called 'keyzen', which you will find on GitHub: https://github.com/jobol/keyzen

The advantages of using a filesystem to manage the privileges to access the API are:
- it's fast
- it could be linked tightly to the LSM Smack
- it benefits from access control (DAC/MAC) and file namespaces
- there is no real need for a library (all languages)
- it supports synchronous and asynchronous queries
- no socket
- no kernel change

Traditionally, this type of access is done with a library using a socket or an IPC, which is more difficult to integrate with DAC/MAC, cannot be isolated with a file namespace and requires a special binding for each language.

It will allow implementing the Tizen privileges defined at https://www.tizen.org/fr/privilege/ and can be adapted to Cynara's concepts of application-id / user-id. I propose to simplify the access to Cynara by using that model. Each service that needs knowledge of specific privileges will query the filesystem. In case of user confirmation, the filesystem will trigger a special request through a special file.

The special filesystem is currently implemented using FUSE. For blocking requests, the overhead is minimised: only the level 2 function 'access' is needed.

To prove that my proposition is viable, I implemented a secure launcher using it: https://github.com/jobol/smaunch. That launcher, using extended security attributes, sets the authorized privileges and uses them to configure Smack rules and the file namespace.

Using Smaunch, I found that the launch time of the process (either native or HTML5) is about 6.6 ms:
- launch of smaunch: 2.6 ms
- reading DB: 0.6 ms
- finding mount points (keyzen-fs and smackfs): 0.4 ms
- setting permission (FUSE): 1.2 ms
- setting Smack and isolating file namespace: 1.8 ms

Your feedback is welcome.

Best regards
José Bollo

_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
