Le lundi 19 janvier 2015 à 11:37 +0100, Dominig ar Foll a écrit : > Hello, > > in order to be sure that we integrate new code which is not breaking the > model, I would propose that we at least ask the reviewer AppFW and > Security reviewer to check a few things before sending a +1: > > - the code does not break basis multi user model > * no hard wired path > * no hard wire ID > * calling uid can be identified. > > - the code does not break security model > * uid and AppID callin gthe API are known in a secured way > * privilege associated with the API can be enforced in a secured manner > * delay for privilege acceptance is supported (for privilege which > can be declared as "user on demand").
Hello, details about acknowledgement of privileges are here: https://wiki.tizen.org/wiki/Security/Overview#Managing_privileges Ask if you need more data. Best regards José Bollo > > - the code does not break User data privacy. > * data are not mixed between user and/or Apps > * pre set shared directory only are able to > * attempt to violate data privacy will result to App rejection. > > Regards > > _______________________________________________ Dev mailing list [email protected] https://lists.tizen.org/listinfo/dev
