On Tuesday, 9 December 2014 at 10:13 +0100, Rafał Krypa wrote:
> On 2014-12-09 09:36, José Bollo wrote:
> 
> > On Monday, 8 December 2014 at 13:08 +0000, Pozdnyakov, Mikhail wrote:
> > > Hi,
> > > 
> > > Description:
> > > 
> > > The Dual process model is a process model where each application run 
> > > contains two processes:
> > > The first process includes Browser process (BP),  GPU process (GP) and 
> > > Extension process (EP)
> > Hi Mikhail, Hi all,
> > 
> > IIRC & IMHO, merging BP and EP is a NO GO from the Tizen Security Point
> > of View. The rationale is that EP, to be as usable as possible from the
> > developer scope (hybrid apps), has to be sandboxed using Smack and
> > should not have capabilities.
> 
> Hi José,
> My understanding of the proposed model is that each application would
> have two processes for itself:
> - BP+EP+GP, serving as a starting point for application
> - RP, executed from BP as before, possibly still sandboxed by Chromium
>  
> In this picture there is no need for any of these processes to be
> privileged. The new merged process would be started by
> amd-session-launcher with an already set up Smack label. That process
> would no longer be responsible for security configuration and
> enforcement. IMHO from security point of view that is way better than
> we had before. Each application gets proper Smack sandbox without
> sharing any processes at Crosswalk.

Hi Rafał,

That would be good, but I see there is still a reason to consider BP
as privileged: for implementing Web API, it is calling Cynara.

I am also skeptical about the fact that BP will run without privileges. But
I am not an expert and should trust the developers of Crosswalk.

Cheers
José Bollo

> 
> 
> Best regards,
> Rafal Krypa


_______________________________________________
Crosswalk-dev mailing list
Crosswalk-dev@lists.crosswalk-project.org
https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-dev
