[SailfishDevel] [Minutes] Sailfish OS Open Source Community Collaboration Meeting, 5th of September 2016
Tone Kastlunger
users.giulietta at gmail.com
Thu Sep 8 06:23:13 UTC 2016
QML plugins in a separate project - something is amiss here; but anyways.
It is fairly easy to evaluate a technology for a certain use in my opinion;
especially if that technology is not new and has been used (SELinux has),
and ESPECIALLY if it has been used in the same context already (i.e.
Android).
Slava, you mention about ABI compatibility; how does Android solve this? Is
this a problem for Android as well?
Applications on android request access on install already; i.e. they
provide a manifest to do so, not during runtime.
It is a plus for SELinux, that having it would remove some entries from the
porting from android task list (potentially).
Think about this from different angles;
what do developers want?
what do developers *need*?
what consequences will the choice that is made have? how will they
influence development?
how will this tech be used? By whom?
On Wed, Sep 7, 2016 at 4:47 PM, Andrew Penkrat <penkrat8 at gmail.com> wrote:
> On Wednesday, September 7, 2016 4:20:04 PM MSK, Slava Monich <
> slava.monich at jolla.com> wrote:
>
>> Hi Andrew,
>>
>> To make matters worse, the plugin requirements may change over time,
>>>> meaning that a system upgrade may break the app because the app didn't
>>>> request access to some features required by the updated plugins.
>>>>
>>>
>>> Application shouldn't know/care about how does plugin work. Plugins are
>>> parts of the system and shouldn't be sandboxed.
>>>
>>
>>
>> How to you sandbox a native app without affecting plugins? They all live
>> within the same process, the same virtual address space. I don't think it's
>> possible to reliably track a system call back to the executable/shared
>> library it originated from, even with DEP (data execution prevention)
>> enabled. Without DEP it's plain impossible.
>>
>> With the interpreted code like Java it's certainly doable. With the
>> native code, I very much doubt it.
>>
>> Cheers,
>> Slava
>>
>>
>>
> That's why I wrote this:
>
>>
>>> I don't know much about implementation, but Ubuntu Touch somehow
>>> achieves this with AppArmor.
>>>
>>>
> AFAIK, at least for QML plugins it runs them in separate processes and
> application communicates with them via DBus. All seamlessly for developer.
>
> Regards,
> Andrew
>
>
>
> --
> Sent using Dekko from my Ubuntu device
> _______________________________________________
> SailfishOS.org Devel mailing list
> To unsubscribe, please send a mail to devel-unsubscribe at lists.sailfi
> shos.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.sailfishos.org/pipermail/devel/attachments/20160908/7be84326/attachment.html>
More information about the Devel
mailing list