Le 27/11/2014 10:18, Rafał Krypa a écrit : > > Hi Manuel, > Please clarify one thing:do you need to retrieve package name (a.k.a. > pkgId) or application name (appId)? What if there are multiple > applications in a package? > Duringlast security workshop in Vannes in October, a requirement was > formulated that AUL needs to identify application processes by > fetching appId from a running process. I'd like to know if this > requirement isstill valid. To implement it,I had to redesign Smack > labeling for applications in security-manager to be based on appId > instead of pkgId. This is still work inprogress and it complicates > matters for security-manager. If for any reason this is not needed > anymore, I would be happy to go back to the old labeling scheme. > Rafal,
you are right that the privilege are recorded in the Meta data for the package, but en forcement is done by Application. What will be reported by the system when call to services are done is AppID. So what is needed is a correlation with the AppID. In order to oversome the fact that Privileges are provided by Package, does not stop to enter the privileges in Cynara per AppID, as at that time we know which Apps are embedded in the same packages. It was agreed in Vannes that the Smack Label would be given by AppID, in order to allow AMD to do its job and that rules for sharing common directories between Apps coming from the package would be created at installation time. Regards -- Dominig ar Foll Senior Software Architect Intel Open Source Technology Centre _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
