s/project/process heh On Thu, Sep 8, 2016 at 9:23 AM, Tone Kastlunger <users.giulie...@gmail.com> wrote:
> QML plugins in a separate project - something is amiss here; but anyways. > It is fairly easy to evaluate a technology for a certain use in my > opinion; especially if that technology is not new and has been used > (SELinux has), > and ESPECIALLY if it has been used in the same context already (i.e. > Android). > Slava, you mention about ABI compatibility; how does Android solve this? > Is this a problem for Android as well? > Applications on android request access on install already; i.e. they > provide a manifest to do so, not during runtime. > It is a plus for SELinux, that having it would remove some entries from > the porting from android task list (potentially). > > Think about this from different angles; > > what do developers want? > what do developers *need*? > what consequences will the choice that is made have? how will they > influence development? > how will this tech be used? By whom? > > > > > > > On Wed, Sep 7, 2016 at 4:47 PM, Andrew Penkrat <penkr...@gmail.com> wrote: > >> On Wednesday, September 7, 2016 4:20:04 PM MSK, Slava Monich < >> slava.mon...@jolla.com> wrote: >> >>> Hi Andrew, >>> >>> To make matters worse, the plugin requirements may change over time, >>>>> meaning that a system upgrade may break the app because the app didn't >>>>> request access to some features required by the updated plugins. >>>>> >>>> >>>> Application shouldn't know/care about how does plugin work. Plugins are >>>> parts of the system and shouldn't be sandboxed. >>>> >>> >>> >>> How to you sandbox a native app without affecting plugins? They all live >>> within the same process, the same virtual address space. I don't think it's >>> possible to reliably track a system call back to the executable/shared >>> library it originated from, even with DEP (data execution prevention) >>> enabled. Without DEP it's plain impossible. >>> >>> With the interpreted code like Java it's certainly doable. With the >>> native code, I very much doubt it. >>> >>> Cheers, >>> Slava >>> >>> >>> >> That's why I wrote this: >> >>> >>>> I don't know much about implementation, but Ubuntu Touch somehow >>>> achieves this with AppArmor. >>>> >>>> >> AFAIK, at least for QML plugins it runs them in separate processes and >> application communicates with them via DBus. All seamlessly for developer. >> >> Regards, >> Andrew >> >> >> >> -- >> Sent using Dekko from my Ubuntu device >> _______________________________________________ >> SailfishOS.org Devel mailing list >> To unsubscribe, please send a mail to devel-unsubscribe@lists.sailfi >> shos.org >> > >
_______________________________________________ SailfishOS.org Devel mailing list To unsubscribe, please send a mail to devel-unsubscr...@lists.sailfishos.org
