Hi Xu & Sakari,
Do you have input for this per Terri's comments below? Synchronous or asynchronous? This info is needed to complete this. Best Regards, John From: Dev [mailto:[email protected]] On Behalf Of Oda, Terri Sent: Wednesday, August 27, 2014 10:03 AM To: Lukasz Wojciechowski Cc: [email protected] Subject: Re: [Dev] [Cynara] Async admin API proposal On Tue, Aug 26, 2014 at 10:03 PM, Lukasz Wojciechowski <[email protected]> wrote: For installation and launching purposes crosswalk should use libsecurity-manager-client API instead of direct cynara API. SecurityManager is responsible for setting up cynara policy. It has API for installation and launching applications ready. but ... as far as I know, I think it will need also cynara client API in browser process in order to check if running applications have proper privileges to resources that are accessed by browser process. Check is needed, because a browser process will run an action in the name of application, so some system service (managing resource) will recognize crosswalk's browser process as client. It is crosswalk responsibility to check if application is allowed to access resource. Could You check if synchronous or asynchronous cynara API would fit better for that task in browser process ? To be honest, at this point I'm not sure I know enough about where the checks will need to go in the browser process to answer the question definitively. I've only looked through the installer code in any sort of depth. So perhaps it's better to ask someone who's more familiar with the internals of crosswalk: Xu & Sakari, do you know where in the browser code we'll need those checks? I know last time we talked, it looked most of the APIs were going through the extension process, which meant that they'd be running with an appropriate application label and the services themselves should enforce any policy set on Tizen. But I believe there will still some necessary checks in the browser process (which runs under a different label than the individual applications), I just don't know which APIs are being handled through the browser and where precisely use of those APIs is enforced. Terri
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
