Re: [Dev] Tizen Multi-user and Security

Mon, 01 Dec 2014 15:57:43 -0800

Title: Samsung Enterprise Portal mySingle

Hi Jacob

 

As I know, https://wiki.tizen.org/wiki/Security/Multi_user_policy” is just a draft version

and has not been edited for a long time.

Current implementation is different, for example, not only default user (main user) but normal user can install and uninstall applications.

And almost documents of multi-user is based on IVI implementation.

I think documents for other profile (common, mobile, TV, etc..) should be added.

 

BRs.

Kim, Tae-Soo

 

------- Original Message -------

Sender : jacob travis<jacob.btra...@gmail.com>

Date : 2014-12-01 21:41 (GMT+09:00)

Title : [Dev] Tizen Multi-user and Security

 

Hi all,

I'm investigating Multi-User with Tizen 3.0, and I think it’s a little misleading and inconsistent. I am not sure whether the wiki page is out of data. So I list things I find, I hope someone can give me some suggestions.

Tizen 3.0 wiki page is https://wiki.tizen.org/wiki/Tizen_3.0.

Tizen 3.0 Multi-User wiki page is https://wiki.tizen.org/wiki/Multi-user_Architecture.

Multi-User presentations https://wiki.tizen.org/w/images/0/05/Multi_Users_Presentations_TDC2014_Final.pdf

  • Multi-User system and Use case for Multi-User.

  1. Muti-User system is the new feature for Tizen 3.0. As the Tizen 3.0 wiki page said, Tizen Common is the base for other profiles, such as IVI. Tizen has several categories of Multi-User systems, and what are the categories of Multi-User system? Wiki page only show me one case, the profile IVI. Is that all for Tizen Multi-User system? I think it is not enough to detail the Multi-User system in Tizen 3.0.

  2. Multi-User is the same as Mult-User system, it has no official standard define. And the listed Multi-User use case is too few. It’s not enough to descript the Multi-User feature. Such as two people want to display two different video on Tizen that has one gstreamer, two audio output and two screen. How does it handle by Tizen? That means what is the official behavior with more users want to use more resources and one resource? I don’t find the standard spec to define the behavior, also the use case is few that can’t descript the fully Multi-User what the designer want to do.

  1. Page 21, Application Framework,

    1. Core API should be extended, the doc said that, and I would like to know which Core APIs will be extended, dose it already finished or in progress? Where can I find the details?

  2. Page 23, Resource Services

    1. What resources will be managed and how it was managed by mult-user case?

    2. Some passivity operation dont define. For example. Telephone application is run at different user, once the network side dial the local number, which telephony UI should be popup, and who will answer the incoming call? I think Tizen multi-user will have many confusion like as incoming call, but I dont find the official description about it.

  3. Page 28, Service API

    1. I’m so sorry I don’t find Service API in Tizen 3.0 Architecture diagram. Since that is the key framework for Multi-user, I am not sure whether someone can update it? what is the current design? If the current design contain the Service API, can someone give me a wiki and document about APIs define?

  1. System resources has predefined UID, Can someone show the list about the predefined resource UID?

  2. the admin rights erase the device, dose the admin user only have the rights to erase the device, right?

  1. This document descript that:

- default user is the device owner(admin)”.

Most of files are owned by root except application’s data”

Only default user is able to install & uninstall applications”

In package application management https://wiki.tizen.org/wiki/Multi-user_PackageApplicationManagement:

regular User can only install/uninstall/update application for it only, and in Tizen 3, by default a user is regular one(i.e, without particular privileges)”

In Multi user policy https://wiki.tizen.org/wiki/Security/Multi_user_policy:

the admin rights is install and uninstall applications”. (In basic principle select)

There have many users, regular user, default user, admin user, root. What is the difference about those users, and how can I make out those users. regular user without particular privileges can install/uninstall/update application for itself with its own application database. But in other documents, only default user is able to install/uninstall applications. regular user does not look like admin user, because regular user has no particular privileges. The concept is not clear. And how does the admin know which user the application will be install for?

  1. Page 5, Service daemon should be able to distinguish user and enforce access control. if someone want to port the upstream project to Tizen 3.0, and the upstream is as the Service daemon? but unfortunately all of currently upstream project dont support that, in order to aim the goal, whether the tizen will write a new related project? Does each upstream project has each Tizen-Related project?

  2. Page 9, Device configuration, only device owner can configure device. But its not aligned with Bluetooth/WiFi Multi-user requirement. Bluetooth/WiFi requirements are https://wiki.tizen.org/wiki/Multi-user_Bluetooth and https://wiki.tizen.org/wiki/Multi-user_WINET . That descript any user can use the device without device owner configuration, its a little misleading.


I am not sure if I am understanding this right, and I really sincerely hope someone can give me some answers. 


Thanks

Jacob

 

 
  Kim, Tae Soo   Senior Engineer


  Platform Engineering Lab. 
  Software R&D Center
 

  SAMSUNG ELECTRONICS CO.,LTD
  Mobile: +82-10-9644-1075
  E-Mail: taesoo46....@samsung.com

 

_______________________________________________
Dev mailing list
Dev@lists.tizen.org
https://lists.tizen.org/listinfo/dev

Reply via email to