On Thu, Mar 8, 2012 at 9:48 PM, ptheriault <ptheria...@mozilla.com> wrote:
> Chris brought up the issue of regulatory controls for functions like the > dialer. (e.g. phones always need to be able to make emergency calls). the experience of the OpenMoko project i believe is relevant here. their infrastructure was so top-heavy based on d-bus that the entire OS was completely unresponsive to receiving and making phone calls. to cater for both that and the security issue, if you followed my recommendation to use FLASK (SE/Linux) i would recommend the creation of an actual separate application which is small but permanently memory-resident (so as to be quick and instantly responsive) that has access to the RIL/GSM, and can be a "one-shot-dialer". this executable could also be given ultra-high priority by the linux kernel.... because it is a separate application. it could even be fired off by a "panic button" as well as being triggered by dialing "911", "999" or "112" (depending on the country). so even if the UI is heavily busy performing other tasks (such as running the latest and greatest version of angry birds or consuming vast amounts of memory because it's a google app or a flash application) and oh look! the UI *is* the B2G application... even if that were the case, it would *still* be possible to make emergency calls, even if you couldn't actually see the UI telling you that the call had connected because it was still too damn busy running "angri burds". _and_, most importantly, under the FLASK security model you'd be able to prioritise that application with a different set of permissions to allow it to be contacted by a wider range of other apps (or narrower?) than might otherwise be granted to "ordinary" apps which are allowed (or otherwise) to make "ordinary" phone calls. _and_ it would still be accessible even if rogue apps had compromised the rest of the B2G infrastructure. l. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
