Hi, Jose. Thank you for your comments. I added my reply in line.
Best Regards, Dongsun Lee.

>
>------- Original Message -------
>Sender : José Bollo<[email protected]>
>Date : 2014-04-07 21:01 (GMT+09:00)
>Title : Re: [Dev] [Multiuser] System User ID Policy for the Daemon Processes
>
>On lun, 2014-04-07 at 08:13 +0000, 이동선 wrote:
>> Hi, all.
>> I am Dongsun Lee working in Tizen security part at Samsung.
>>
>> We are studying how to minimize the root processes in Tizen 3.0.
>> To do that, one of what we need is the system user id policy to replace the
>> root user.
>>
>> So I proposed the policy, "one system user per domain" (refer to the below
>> mail).
>> Even if only one man wrote the response mail, I think people agreed with it.
>> So I went further.
>>
>> There is no daemon in some domains, so they don't need the system user.
>> And there may be more than two daemons in one domain.
>> In that case, one system user will be assigned for those daemons.
>> (If other system users are needed except the system users of domains,
>> it should be examined first by the security engineers before it is assigned.)
>>
>> Following is the example of the system user assignment.
>> ---------------------------------------------
>> [Domain] - [system user name]
>> System - system
>> Web Framework - webfw
>> App Framework - appfw
>> Base - base
>> Security - security
>> Multimedia - multimedia
>> Graphics & UI Framework - graphics
>> Networks & Connectivity - connectivity
>> Telephony - telephony
>> Messaging - messaging
>> Social & Content - social
>> Location - location
>> Platform Development - platformdev
>> SDK - sdk
>> Automotive - automotive
>> Application - No User Assigned
>> Test APIs - No User Assigned
>> (For domains, I referred to
>> "https://wiki.tizen.org/wiki/Tizen_Platform_Architecture_Overview#Tizen_Domains").
>
>Hi 동선,
>
>Some notes.
>
>I don't see an obvious need for 'base' and 'security' that IMHO should
>be root or system. The platform integrity, system update and security
>management are to my eyes really deep in the system and should have many
>privileges then putting it in some specific user isn't realistic.

For some daemons (ex. systemd), it will be running as root.
But other daemons in the base and security domains which don't need many privileges need to be running as non-root. (In Tizen 2.2, the security-server in the security domain is running as root. But it doesn't need many privileges.)

>Maybe that for encryption and password keyring, there is a need but it
>could be turned into 'system'.
>
>Is there a real need to separate 'sdk' and 'platformdev'? If not
>'platformdev' would be fine.
>

I checked the SDK and Platform Development domain.
For SDK, we don't need a system user. And Platform Development domain doesn't need the system user either, I think.

>'graphics' is separated from 'multimedia' but there is no 'audio'. On my
>linux, I can see the groups 'audio' and 'video' but no such user. Maybe
>defining only 'multimedia' is good enough.
>
>I also share some of the fears of Łukasz and I have some doubts about
>the integration and the need of 'appfw' and 'webfw'. It could be into
>system too. But it makes sense even when the difference between them
>isn't really big.
>
>Best regards
>Jose
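
As an added example (not part of the original thread and not Tizen project code), the proposed "one system user per domain" policy can be checked against a process listing: daemons still running as root are flagged, as are daemons under a system account that is not in the proposed list and so would need review by the security engineers. The process names other than systemd and security-server, the UIDs, and the UID 1000 boundary for regular accounts are assumptions made for the sample.

```python
# Added example: audit a process list against the proposed
# "one system user per domain" policy from the quoted mail.

# System users proposed in the mail (domains with "No User Assigned" omitted).
SYSTEM_USERS = {
    "system", "webfw", "appfw", "base", "security", "multimedia",
    "graphics", "connectivity", "telephony", "messaging", "social",
    "location", "platformdev", "sdk", "automotive",
}

# Daemons accepted as root. The thread names only systemd as an example.
ROOT_ALLOWED = {"systemd"}

# Assumption: accounts with UID >= 1000 are regular/app accounts.
REGULAR_UID_MIN = 1000

# Constructed sample in `ps -eo user,uid,pid,comm` layout.
SAMPLE_PS = """\
USER        UID   PID COMMAND
root          0     1 systemd
root          0   212 security-server
security    201   230 example-keyd
multimedia  205   305 example-mediad
printsvc    120   340 example-printd
app        5000   911 calculator
"""


def audit(ps_text):
    """Return (command, user, reason) for each process that breaks the policy."""
    findings = []
    for line in ps_text.strip().splitlines()[1:]:  # skip the header row
        user, uid, _pid, comm = line.split(None, 3)
        if int(uid) >= REGULAR_UID_MIN:
            continue  # not a system account, outside this policy
        if user == "root":
            if comm not in ROOT_ALLOWED:
                findings.append((comm, user, "root daemon: move to its domain user"))
        elif user not in SYSTEM_USERS:
            findings.append((comm, user, "undeclared system user: needs security review"))
    return findings


if __name__ == "__main__":
    for comm, user, reason in audit(SAMPLE_PS):
        print(f"{comm:16} {user:10} {reason}")
```
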
