Hello, please note that adding a development mode which can be activated (on a temporary basis) on demand by the user (like on Android) might be an acceptable option to help you to find a way forward.
Regards Dominig Le 03/11/2014 08:35, YeongKyoon Lee a écrit : > Samsung Enterprise Portal mySingle > > Hi > > Let me explain or correct Tizen 2.x SDK ways about user account. > > - All the tools in 2.x SDK can access platform contents only through sdbd. > > - sdbd reads, writes or executes platform files as developer or root > account according to each action, where most tools including > Web/Native IDE, Valgrind, gdbserver, use developer account, but > Platform IDE and some Dynamic Analyzer use root. > > - OProfile has been deprecated and replaced by SWAP in SDK. > > > > I think that we need more investigation multiuser support for 3.0 > especially for the scenarios of installing/launching/debugging apps. > > We, SDK team, will share the investigation results someday. > > > > Regards, > > Yeongkyoon Lee > > > > ------- *Original Message* ------- > > *Sender* : Schaufler, Casey<[email protected]> > > *Date* : Oct 30, 2014 01:34 (GMT+09:00) > > *Title* : Re: [Dev] SDK vs multiuser and security features > > > > > -----Original Message----- > > From: Dev [mailto:[email protected]] On Behalf Of Liu, Alice > > Sent: Tuesday, October 28, 2014 8:12 PM > > To: Dominig ar Foll (Intel OTC); [email protected] > > Cc: Ji, John; Mei, Paul > > Subject: Re: [Dev] SDK vs multiuser and security features > > > > > > Hi, > > > > Let me raise two SDK specific issues. It may bring us more thinking > about SDK > > user and security features. > > You appear to be requesting that the SDK environment be > different from the production environment. I don't have a > problem with that, but we need to be clear that the basic > system behavior has to meet our production security > requirements. The SDK may choose to change some of > the system behavior to make for a better developer > experience. > > > 1. Currently journal log only can be accessed by 'root' user, other > users > > including 'app' user cannot access it. But as SDK developers, they > need to get > > some log such as web application console log or even system level log to > > address the causes once running applications failed. > > Controlling access to the system logs is a basic security > requirement. It would be easy enough to provide a service > in the SDK environment to allow access to the logs, but > it cannot go into the base system. > > > 2. Some native apps' debugging tools such as gdbserver, oprofile and > valgrind > > need a specific privilege to run. I am not sure in Tizen 3, what > privilege it > > needs. It may need to access some kernel device nodes. I concern if > 'app' > > user has the privilege to access kernel device node. > > Although currently IVI SDK doesn't support native apps(I am not sure > if IVI > > SDK also need to support native apps in future). It is a key issue > for Tizen > > SDK(including mobile SDK, wearable SDK, or others). > > What did you have to do in a special way for Tizen 2? > > > > Thanks. > > Best regards, > > Alice > > > > -----Original Message----- > > From: Dev [mailto:[email protected]] On Behalf Of Dominig > ar Foll > > (Intel OTC) > > Sent: Tuesday, October 28, 2014 9:39 PM > > To: [email protected] > > Subject: [Dev] SDK vs multiuser and security features > > > > Hello; > > > > We have recently seen a set of bugs raised due to side effect of the SDK > > mode of operation based on tizen 2 but used on Tizen 3. > > I would like to invite the SDK architects to express their view on > the transfer > > from Tizen 2 to 3 operation mode and how they propose to update the SDK. > > > > I see few changes that will need to happen in order for the SDK to > operate > > with Tizen 3 and we should address them soon rather than later. > > They might be more. > > > > - user App is going away. So no cross profile assumption on a > default user ID > > can be made any more. The SDK will have to connect as a real valid user. > > - security and data privacy enforcement cannot be turned off and > so faking > > user ID will not work. > > - Security features are linked to the Kernel which is 3.14, and so > the SDK > > should be aligned. It should run with security "on". > > - sdb mode of operation is a security back door which needs to be > fixed (or > > replaced) > > > > It would be great to get a Wiki page created with your proposed model. > > > > Regards > > > > -- > > Dominig ar Foll > > Senior Software Architect > > Open Source Technology Centre > > Intel SSG > > > > _______________________________________________ > > Dev mailing list > > [email protected] > > https://lists.tizen.org/listinfo/dev > > _______________________________________________ > > Dev mailing list > > [email protected] > > https://lists.tizen.org/listinfo/dev > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev > -- Dominig ar Foll Senior Software Architect Intel Open Source Technology Centre
_______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
