EDIT: of course, I meant security-manager, NOT security-server ;-)
Tomasz Świerczek Samsung R&D Institute Poland Samsung Electronics Office +48 22 377 95 59 Cell +48 503 135 021 [email protected] -----Original Message----- From: Dev [mailto:[email protected]] On Behalf Of Tomasz Swierczek Sent: Thursday, November 20, 2014 10:12 AM To: Rafal Krypa; 'Corentin Lecouvey'; [email protected] Subject: Re: [Dev] transferring files from and to a service Okay, so if this is the usecase, then we need to have, like I mentioned, the mv_chmod_chown() API in security-server PLUS some way of authorizing this action (ie. guard it with http://tizen.org/privilege/system like it was proposed or some other, more precise privilege, allowed only for system-level things). @Rafal, Casey, others - what is your opinion? BRs, Tomasz Świerczek Samsung R&D Institute Poland Samsung Electronics Office +48 22 377 95 59 Cell +48 503 135 021 [email protected] -----Original Message----- From: Dev [mailto:[email protected]] On Behalf Of Corentin Lecouvey Sent: Thursday, November 20, 2014 10:06 AM To: [email protected] Subject: Re: [Dev] transferring files from and to a service Hi Tomasz, Good to hear that security-manager has so much power. When receiving a file over bluetooth, it will be received in a "bluetooth" user folder as obexd will be run as "bluetooth". The point then is to move the received file to the targeted user download folder with the user ownership and permissions. We will need the security-manager help to do that. > > +1. > > Security-Manager already has "power" to re-label files, so chmod/chown/mv/DAC_OVERRIDE will not be any extension to its (already high) capabilities. > > In the tandem <Security-Manager (SM), Bluetooth service (BT), The app (APP)> probably Bluetooth would want to create file on its own to be able to fill its contents quickly. Questions to be answered: > > 1) when the file needs to be shown to the application? The file can be shown after the file has been transferred in the user download folder. > 2) (follow-up) where should it be initially created: some BT-private directory where BT can fill its contents and then move+chmod+chown OR already the original destination (known & accessible to APP)) I think the easiest way is the first proposal: receive the file in "bluetooth" user provate directory and then move thanks to security-manager to the right user directory. > 3) or, do we want to let SM expose API that manages files somehow and then mv/chmod/chown it? If yes, this means using custom SM API in Bluetooth for even bigger extent than just simple move_and_chmod_and_chown() call. I think if SM offers a move_and_chmod_and_chown() API, it could be sufficient but I may wrong. Thanks and regards, Corentin > > > BRs, > > Tomasz > > _______________________________________________ > Dev mailing list > [email protected] > https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
