On 2014-11-20 10:12, Tomasz Swierczek wrote: > Okay, so if this is the usecase, then we need to have, like I mentioned, the > mv_chmod_chown() API in security-server PLUS some way of authorizing this > action (ie. guard it with http://tizen.org/privilege/system like it was > proposed or some other, more precise privilege, allowed only for > system-level things). > > > @Rafal, Casey, others - what is your opinion?
We could get a simpler interface if the file would be created already in the final destination, at user's home directory. I'mthinking about a security-manager API that would implement creation of an empty file in the user's home directory and pass the file descriptor to the caller. The caller (e.g. obexd) would then write to that file descriptor to fill it with data. Things that security-manager should do in such case: - take target user name, file name and type as argument - verify privilege, can also trigger popup to get user consent - check if the file already exists, guard against overwriting it (either by failing orappending some string to the file name) - create the empty file, set ownership and Smack label - send the file descriptor back Would that satisfy your needs? Or ismore flexibility required for managing the downloaded files? _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
