> -----Original Message----- > From: Patrick Ohly [mailto:[email protected]] > Sent: Wednesday, May 14, 2014 12:24 AM > To: Schaufler, Casey > Cc: Rafał Krypa; [email protected]; Oda, Terri > Subject: Re: [Dev] Understanding Cynara scope. > > On Tue, 2014-05-13 at 21:44 +0000, Schaufler, Casey wrote: > > The Smack label of the task executing the application code > > (be it a plugin, separate executable or some other mechanism) > > must be set to the label assigned to that application. Once this > > is accomplished the services that use Cynara to make application > > access checks have the information they need to do so. Crosswalk > > need only set the process Smack label before invoking the > > application. > > This assumes that Crosswalk runs a separate process for each > application, doesn't it? That assumption has pretty much been shown to > not hold.
You can't seriously be suggesting that TwitterBirds and BankOfElbonia run in the same thread at the same time. Thread reuse is acceptable so long as the environment is appropriately reset between applications. (I personally find the practice abhorrent. We have fork() and exec() for good reasons.) > > So no, I don't see Crosswalk using Cynara unless Crosswalk > > is providing "privileged" services. If Crosswalk is providing > > privileged services (which seems unreasonable, but is possible) > > it will have to do its part in enforcement. If it is proxying it > > will have to either do the enforcement or pass along the > > application's credential (Smack label and possibly uid) > > information. > > > > It should be pretty simple. > > Then how can Crosswalk pass along the application's credentials to a > D-Bus service such that the D-Bus service can a) receive them and b) > trust the information? That is going to depend on what sits between BankOfElbonia and the dbus socket. The thread BankOfElbonia is going to run in will run with the application's Smack label. This is not negotiable. If that thread accesses the dbus socket the credentials are readily available. If there is an intermediary thread the intermediary must either mascaraed as the application (run with the same Smack label and UID as the application) or do the privilege checking itself, and have access to the dbus interface. > Can someone explain the details and come up with the necessary software > patches? Perhaps it's simple technically, but if no-one can do that for > other reasons (perhaps because he or she has no time), then it is a hard > problem for the project. I'm sorry, but there is more going on here than we're going to fix on a mailing list. We need to sit down with the code and figure out what you have done. The questions you are asking are scaring me a little. I understand that Crosswalk is a sophisticated system in its own right. There is no way to address some of what you're asking without understanding what you're trying to accomplish. > > -- > Best Regards, Patrick Ohly > > The content of this message is my personal opinion only and although > I am an employee of Intel, the statements I make here in no way > represent Intel's position on the issue, nor am I authorized to speak > on behalf of Intel on this matter. > > _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
