Hi, is there a feature or task to track this? Also, I assume it's targeted for Crosswalk 3 but please confirm.
Regards, Francesco From: Crosswalk-dev [mailto:[email protected]] On Behalf Of Ming, Bai Sent: Wednesday, November 20, 2013 9:06 AM To: [email protected] Subject: [Crosswalk-dev] Intent to Implement API Permission Control Description We would like to add a mechanism in Crosswalk to control API permissions for both Crosswalk .xpk packages and Tizen legacy .wgt packages. For crosswalk packages, permissions needed by an application will be declared in its manifest, and for Tizen widgets they are stored in config.xml according to the widget specification. As a part of Crosswalk security framework, we would like to follow these documents in our implementation. The overall crosswalk security design, including API permission control and SMACK https://docs.google.com/a/intel.com/document/d/1Exj9ewu74mxl96YodnHAbxGikR3m8v4UgwE3w7FyIMg/edit#heading=h.erysmcq819ya<https://docs.google.com/a/intel.com/document/d/1Exj9ewu74mxl96YodnHAbxGikR3m8v4UgwE3w7FyIMg/edit%23heading=h.erysmcq819ya> The detailed use case and design of API permission control https://docs.google.com/a/intel.com/document/d/137u_gxmNaIFwVzaCkCFBJyveIdZxuAydWOkMI8oWgD0/edit#<https://docs.google.com/a/intel.com/document/d/137u_gxmNaIFwVzaCkCFBJyveIdZxuAydWOkMI8oWgD0/edit%23> API Permission Map https://docs.google.com/a/intel.com/spreadsheet/ccc?key=0AmfuGardsG7gdGg1a0YxVVVNbEtKLTEzck9XMGYyRWc#gid=0<https://docs.google.com/a/intel.com/spreadsheet/ccc?key=0AmfuGardsG7gdGg1a0YxVVVNbEtKLTEzck9XMGYyRWc%23gid=0> Contacts Ming, Bai from Shanghai and Zhang, Xu from Beijing. Affected Components - A new security server will be added as a sub module under 'application/' - Mechanism to transfer permission request among extension process, runtime process and render process. - Mechanism to control and store the application permission in persistent storage. - A mapping between Javascript API and corresponding permissions. - UI elements for asking user for the permission requests. Implementation Details - A new security server will be added and placed under application service which is the central place for controlling the application's life cycle. The security server will handle permission requests from either extension process and respond with the correct permission information. - The permission handling mechanism is sort of complicated, detailed description could be found in this doc https://docs.google.com/a/intel.com/document/d/1TfU_oZo6P2Ff24w5RjRhYfPTJae5EzRWiXtdtxz0yBo/edit#heading=h.90d6fevrbp2d- - The application's permission information will be stored in a database which can only be accessed by the runtime process. --------------------------------------------------------------------- Intel Finland Oy Registered Address: PL 281, 00181 Helsinki Business Identity Code: 0357606 - 4 Domiciled in Helsinki This e-mail and any attachments may contain confidential material for the sole use of the intended recipient(s). Any review or distribution by others is strictly prohibited. If you are not the intended recipient, please contact the sender and delete all copies.
_______________________________________________ Crosswalk-dev mailing list [email protected] https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
