X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=README;h=6730c1e02b7c516354609213c95f3cc7cd5860c8;hb=7cbecc64dd827643a3e7f7fd176df203ced3a411;hp=738fe61d85b98d6443060393a5c2d24607ff33f5;hpb=1ded97246f7592715f3fcce395fd840f8d4913c7;p=platform%2Fcore%2Fsecurity%2Fsecurity-manager.git diff --git a/README b/README index 738fe61..6730c1e 100644 --- a/README +++ b/README @@ -1,42 +1,23 @@ -README for security-server project +README for security-manager project -security-server project contains of two parts: -1) the server part, that is implemented as a daemon that has vast rights for -vulnerable, security-related data, and that may be trusted by its clients. +The security manager is project forked from security-server, from which +it inherits its main design: division for two parts: +* system daemon (security-manager) +* library for communication with daemon (libsecurity-manager). -2) the client part, libsecurity-server: a library that allows programs to -communicate with the server part to ask for granting some rights or to get some -security-related data. - -The libsecurity-server library's API is available in the header file -src/incluce/privilege-control.h. - -The libsecurity-server API may be used to: -* enable SMACK security for in-direct interprocess communication. -* password management (setting, restoring, checking passwords) -* check for SMACK rights that other processes have if its smack label is not -known, but a remote's side pid is known or communication to it is established -with socket. -* enabling and disabling permissions for a specified application - - -security-server2: - -The server part is implemented in a /src/server2 directory. -The implementation is divided into: +The implementation of daemon part is divided into: manager part: that is responsible for threads and communication management with no awareness of what information is being transferred. This part is implemented by SocketManager class that works with GenericSocketService as a generalization for services that security-server provides. and services part: implemented as classes derived from GenericSocketService - grouped in src/server2/service directory that defines actions done by - security-server after receiving certain requests from client side. + grouped in src/server/service directory that defines actions done by + security-manager after receiving certain requests from client side. -Adding services to security-server should be done by creating a new class -derived from GenericSocketService, implementing proper functions for it, -registering it to SocketManager in main loop and making unix socket for service. +The security-manager's manager part is fully inherited from security-server, +while services are completely diffrent. -The paths of unix sockets used in communication between server and libclient are -defined in src/server2/common directory. Sockets themselves are configured in -files in systemd directory. +The security-manager services are ment to gather information about security +permissions in the system and provide access to that data via means of +libsecurity-manager.