Details
- Task
- Resolution: Fixed
- Major
- None
Description
WAM follows the Chromium process model, which can be summarized as follows:
- There is one render process per open site/web application.
- There is one common browser process, which performs I/O and networking for all sites/webapps.
As a consequence of this process model, the browser process must have access to the APIs (via WebSockets) requested by all of the running webapps. This behavior doesn't match the AFM security model, where each application process is expected to access only its authorized APIs, enforced via SMACK labels.
The proposal to solve this problem is to create a proxy process for each render process. Each proxy would carry the correct SMACK label for the corresponding webapp, so it can access only that webapp's authorized APIs. The browser process would redirect all the networking requested by a render process to its proxy process and wouldn't have special permissions itself.
Repositories:
- WebAppMgr: https://github.com/webosose/wam (branch: @1.agl.flounder)
- meta-agl-lge: https://github.com/webosose/meta-agl-lge (branch: flounder)
- chromium53: https://github.com/webosose/chromium53 (branch: @1.agl.flounder)
Hardware:
- Renesas m3 board: Reproducible
- Minnowboard: Not reproducible
- Raspberry Pi: -