Hi all,
We distributed the security policy proposal in the multi-user environment
before.
And we are developing the detailed user id policy for the not user oriented
daemon processes.
We proposed about it as below in the earlier security policy proposal.
[User ID of Daemon Processes]
- If performing service is not user oriented, it can be launched as special
user ID
i.e) telephony, location, system
- User oriented service can be launched as logged in user ID
i.e) email, messaging, account, contacts, pims
- Decision can be made case by case
We considered "one system user per not-user oriented daemon" before, but we
thought it's too difficult to manage.
We also considered "one system user(not root) for all not user oriented
daemons", and there is still the concern for the security.
How can we assign the system user id properly(Secure and Easy to manage)?
Do you have any idea about the system user policy?
How about "one system user per domain(system, multimedia, telephony,...)"?
It'll be happy to hear any feedback.
Best Regards,
Dongsun Lee
_______________________________________________
Dev mailing list
[email protected]
https://lists.tizen.org/listinfo/dev
