From 1a59de6a951a450f5f2b4c0cbdb846fda843baed Mon Sep 17 00:00:00 2001 From: Jan Cybulski Date: Tue, 1 Oct 2013 13:31:10 +0200 Subject: [PATCH] Add README file [Issue#] SSDWSSP-528 [Bug/Feature] Added README file. [Cause] N/A [Solution] N/A [Verification] N/A Change-Id: I6742741f7947b8e6cd442ace81c71fe85ee8c62b --- README | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 README diff --git a/README b/README new file mode 100644 index 0000000..dd56e9c --- /dev/null +++ b/README @@ -0,0 +1,32 @@ +README for libprivilege-control project + +libprivilege-control is a library that is designed to work with Simplified +Mandatory Access Control Kernel (SMACK/Smack) on Tizen platform. + +The library introduces and works with a new abstraction layer for access control +above the SMACK's rules layer: a privilege layer. +The privilege is a group of rules combined together to represent SMACK accesses +(rights) that application needs to have in order to work with some distinctive +subsystems. +This library provides an interface allowing maintenance of application +privileges for Tizen. + +The library's API is available in the header file incluce/privilege-control.h. +The API provides functions that can be used to perform security context actions +for the whole lifecycle of application: installing, running, uninstalling. +Such actions are: +- for installing: + ->registering application in a database, + ->setting privileges for an application that is being installed, + ->setting up rights and giving SMACK labels for application's shared + directiories or files, + ->adding new privilege definitions, +- for running: + ->setting privileges for an application that is being run, +- for uninstaling: + ->cleaning up data set up during installation. + + +Internally the package implements a database of SMACK rules that are maintained +via the library API. Each time an API for changing rules is called, the rules +in database are processed and are loaded to kernel SMACK. -- 2.7.4