On Wed, 2015-04-08 at 10:23 +0200, Rafał Krypa wrote: > On 2015-03-23 10:06, Patrick Ohly wrote: > > > Where can I find more information about the new(ish) domains > > "User::Home" and "User::App::Shared"? What's the intended usage? > > Hi Patrick, > The new labels were introduced to provide applications different level > of access to files in user home directory. > The following labels in User domain are currently defined: > * "User" - files with that label cannot be accessed by > applications > * "User::Home" - applications can access read only > * "User::App::Shared" - applications can freely read and write, > with transmute > * "User::App::$app_id" - private files of an application > * "User::App::$pkg_id" - directories for application package, > for exchanging data between apps with the same package id
Thanks, that clarifies it. > > Commit messages introducing them only refer to September 2014 F2F > > meeting in Vannes, without explaining the purpose for those who were not > > at that meeting. > > I thought that the Smack labels were mentioned somewehere on Tizen > wiki, but it seems that they aren't. > I will update the Smack page accordingly to fix that. There is https://wiki.tizen.org/wiki/Security:SmackThreeDomainModel but as discussed with Casey a year ago [1], it is misleading and/or outdated, because it does not explain that apps run under their own Smack label. Quite the opposite, the page still says that "security domains are explicitly defined in advance" and "role of packaging is significantly reduced" which IMHO is the opposite of what is expected to happen (apps again have their own Smack label and package manager is a crucial component of the system). [1] https://www.mail-archive.com/dev%40lists.tizen.org/msg02364.html -- Best Regards, Patrick Ohly The content of this message is my personal opinion only and although I am an employee of Intel, the statements I make here in no way represent Intel's position on the issue, nor am I authorized to speak on behalf of Intel on this matter. _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
