Hi Patrick Sure All access of platform service should be made trhougth CAPI. (So by using framework ONLY)
DBUS service can be protected by Cynara . So direct access to bluez can be disallowed easily. We have also smack label protection in dbus interface that we can use in this case , to allow only bt-service process (Framework processus) to use the bluez dbus interfaces. BR Baptiste 2014-10-17 10:32 GMT+02:00 Patrick Ohly <[email protected]>: > On Fri, 2014-10-17 at 07:35 +0000, Zheng, Wu wrote: > > >What's your plan for A? > > I think that Cynara and Smack will hand it. > > A = "ensure that all Bluetooth users in Tizen do that [= use your > framework". > > Cynara and Smack have nothing to do that. It's about working with the > release managers and other teams on a schedule for changing affected > components. > > You seem to thing of B, enforcing access through the framework. Cynara > and Smack will not do that automagically. It's your job to set them up > so that the system is secure. > > -- > Best Regards, Patrick Ohly > > The content of this message is my personal opinion only and although > I am an employee of Intel, the statements I make here in no way > represent Intel's position on the issue, nor am I authorized to speak > on behalf of Intel on this matter. > > > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev > -- Baptiste DURAND Eurogiciel Vannes/FR
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
