On 03/19/2014 12:38 PM, ANUJ MISHRA wrote:
Just a thought:
Until now all devices used to boot with default user, so default user need not 
to enter password to access device profile. But, in case of
multiuser environment default user should protect its account by password. 
In case he forgets his password

How easy for default user to recover/reset his own password? In same way, how 
difficult for another user not to break-in into device?
Also, what will be the method to recover password for default user? In case of 
Linux environment, there is some method to recover
root password, but it is very difficult.

that is in fact a good point. so either we lock down security to the point that other than finding exploits, it's unbreakable (and then if you forget your password your device is a brick, effectively, and without hardware level intervention - eg jtag, you can't do anything. a properly secure device would even disallow jtag override), or we leave a hole, that requires a fair bit of effort and jumping through hoops, but allows you to regain control of your device, BUT this means that this hole is known and can be used to break the password of the device owner.

imho it's the same position as allowing developers root access if they need/want it. it's a security hole required for sheer practicality. in this case to have users not send devices in for warranty repair all the time going "it's locked". if it is impossible to unlock or you charge them a fee, then there is a good chance users will avoid buying similar devices in future. same story for developers.

so you just have to make the ability to recover your access something that is not trivial. ie it takes some time and effort, and perhaps some extra equipment (a pc) and requires physical access to the device. if you loan your phone to someone you already are trusting them. you already trust them not to throw the phone into the ocean or drive their car over it etc.

same for developers - some random person must not be able to take your phone, plug it into their pc and instantly have root without some form of authentication that this is the actual owner of the device, but the owner (developer) should have that freedom.

--Anuj Mishra

------- Original Message -------
Sender : Clark, Joel<joel.cl...@intel.com>
Date : Mar 19, 2014 11:43 (GMT+09:00)
Title : Re: [Dev] [Multiuser] Security Policy Proposal for Multi-User 
Environment

You can add to the list (for IVI devices at least) multiple 3G modems, Multiple 
BT modems, multiple SIM cards, multiple displays and connected to multiple 
handsets (smartphones) with simultaneous streaming of media by different users 
to the different displays, etc

Regards
Joel

On Mar 18, 2014, at 7:25 PM, "Bumjin Im" wrote:

Never thought of such scenario that a device has multiple SD card slots for different 
user. This will be another issue to track to. I don't have good idea yet but I think we 
can make use of some daemons which take care of mount and usb insertion with 
"some" policy.

Bumjin

-- May the Force be with you 
----------------------------------------------------
* BumJin Im
* Senior Engineer,  Mobile S/W Platform lab, S/W Platform Team
   Samsung Electronics
---------------------------------------------------------------------------------




------- Original Message -------
Sender : José Bollo
Date : 2014-03-18 23:41 (GMT+09:00)
Title : Re: [Dev] [Multiuser] Security Policy Proposal for Multi-User 
Environment

On mar, 2014-03-18 at 00:22 +0000, ??? wrote:

For external memory cards, we are thinking that
the use of links in the home directories is needed
for applying quotas (see below page 7). Mounting
memory cards would imply the creation/synchronisation
of the links and of the data on the card. For example:
on the card, should exist the directories:
- /home/user1...usern
- /opt/...
and the main FS would have the links:
- /home/user1/sdcard -> /mount/sdcard/home/user1
- /opt/sdcard -> /mount/sdcard/opt
That is our draft idea.
[Bumjin] My point was that the SDcard cannot be access
controlled when it's plugged off and plugged in to window
machine. If we cannot fully enforce, then we should untrust.
That was the simple reason.
You are right, I agree. Maybe I was confused between "external memory
card" and "device media storage". But part of the proposal may still be
accurate.

I still think that if a user plugs a memory SDcard or USBkey, its data
should not be shared by default. That use case is complicated. For
multi-seat configuration as what for IVI, the scenario is that the
device will be by default associated to the seat's user.

Best regards
José
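
The link layout drafted in the message above, combined with the point that a card which has left the device cannot be trusted, as an added example that is not part of the thread or of any Tizen code. The function name `link_user_dirs`, the result strings and the temporary directory tree standing in for `/home` and `/mount/sdcard` are assumptions made for illustration.

```python
import os
import tempfile


def link_user_dirs(mount_point, home_root, users):
    """Create <home_root>/<user>/sdcard -> <mount_point>/home/<user>.

    The card's contents are untrusted, so a card-side entry is linked only
    if it is a real directory that resolves inside the mount point.
    Returns {user: "linked" | "rejected: <reason>"}.
    """
    real_mount = os.path.realpath(mount_point)
    results = {}
    for user in users:
        target = os.path.join(mount_point, "home", user)
        link = os.path.join(home_root, user, "sdcard")
        if os.path.islink(target):
            results[user] = "rejected: card entry is a symlink"
        elif not os.path.isdir(target):
            results[user] = "rejected: no directory on card"
        elif os.path.commonpath([real_mount, os.path.realpath(target)]) != real_mount:
            # e.g. <card>/home itself is a symlink leading off the card
            results[user] = "rejected: resolves outside the card"
        elif os.path.lexists(link) and not os.path.islink(link):
            results[user] = "rejected: sdcard exists and is not a link"
        else:
            if os.path.islink(link):
                os.unlink(link)  # stale link left by a previous card
            os.symlink(target, link)
            results[user] = "linked"
    return results


def demo():
    """Constructed sample tree: user2's card entry points at user1's data."""
    with tempfile.TemporaryDirectory() as root:
        mount = os.path.join(root, "mount", "sdcard")
        home = os.path.join(root, "home")
        private = os.path.join(home, "user1", "private")
        for d in (os.path.join(mount, "home", "user1"), private,
                  os.path.join(home, "user2")):
            os.makedirs(d)
        os.symlink(private, os.path.join(mount, "home", "user2"))
        return link_user_dirs(mount, home, ["user1", "user2", "user3"])


if __name__ == "__main__":
    for user, outcome in demo().items():
        print(user, outcome)
```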

_______________________________________________
Dev mailing list
Dev@lists.tizen.org
https://lists.tizen.org/listinfo/dev