Le 17/10/2014 09:17, Zheng, Wu a écrit :
Hi Patrick,
I suspect you were assuming that all processes can only do Bluetooth via your
framework. If yes, then you need to
A. ensure that all Bluetooth users in Tizen do that,
B. and then (and only then!) ensure that all other ways of doing
Bluetooth are prohibited.
It should be A and B.
And Doming has some suggestion and we will do it too.
" the easiest implementation is to run only one NTB daemon with privilege and to get
the user to pass their request via the daemon."
" we run NTB as a special user (e.g. bluetooth), then we can limit any transport
creation access via BlueZ control to that privilege user."
Yes, it should be A and B.
We have multiple option to activate these restriction from Smack to D
Bus policy.
I would rather see the daemon running with as little privilege as possible.`
Dominig ar Foll
Senior Architect
Intel Open Source Technology Centre
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
