Hi!
On 06/07/2011 06:39 AM, Xun Sun wrote:
> Does this mean MSSF is still in the picture as MeeGo's security
> framework? Do you have a TODO list so that people can have a feeling
> of the changes being planed and even contribute?
Not really. It is up to Ryan & pals who define the content of the
official core release. So far their message seems to be that MSSF in its
current state is out and the security framework needs some redesigning.
Which I think is a sound decision al things considered.
However, the crypto subsystem is all userspace stuff and I cannot see
any reason why it could not be developed and maintained as any other
community project. It doesn't need any special kernel patches or such,
I'll just have to change it to use the supported access control API in
stead of the now obsoleted libcreds2.
I would like to get at least the emulator mode working in a reasonable
way if not for any other reason then at least because I would hate to
leave it in the dysfunctional state it currently is. IMHO it contains
some cool stuff which I have put a lot of effort into and it would bug
me to let it all go to waste.
So this is just a hobby project for me at the moment. A TODO list is a
good idea so I should probably update the MSSF wiki as the very first thing.
https://meego.gitorious.org/meego-platform-security/pages
> This mechanism pretty much covers our needs.
Neat! Once the TEE-emulator mode is working the crypto services will be
available by help of user-supplied passwords in this way then. If
someone decides to finish the libtee support for some special hardware
or provide such services through another API I can start supporting also
the passwordless mode again.
JuM
_______________________________________________
MeeGo-security-discussion mailing list
[email protected]
http://lists.meego.com/listinfo/meego-security-discussion
