Active Topics
-
Extra softwares in Sailfish using CLI, repositories, etc (117)
to SailfishOS by nieldk - 4 hrs, 26 mins ago -
Firefox with Leste (6)
to Maemo 7 / Leste by teroyk - 1 day, 1 hr ago - more...
| The Following 5 Users Say Thank You to momcilo For This Useful Post: | ||
|
2011-09-12
, 23:07
|
|
Posts: 1,751 |
Thanked: 844 times |
Joined on Feb 2010
@ Sweden
|
#2
|
Aegis is the new security framework of Harmattan. A pain in the *** if you ask me.
__________________
You like what i do? Donate!
Make your desktop look awesome - use the AwOken Theme with the AwOken Icon Theme.
Add me on twitter @almehdin
Visit the swedish maemo/meego community forums
You like what i do? Donate!
Make your desktop look awesome - use the AwOken Theme with the AwOken Icon Theme.
Add me on twitter @almehdin
Visit the swedish maemo/meego community forums
 |
|
2011-09-13
, 01:40
|
|
Posts: 2,448 |
Thanked: 9,523 times |
Joined on Aug 2010
@ Wigan, UK
|
#5
|
You don't need to sign applications, but applications need to request permission to access the tracker, use dbus etc. This is done by including a .aegis file in your .deb package that uses an XML-like syntax.
__________________
'Men of high position are allowed, by a special act of grace, to accomodate their reasoning to the answer they need. Logic is only required in those of lesser rank.' - J K Galbraith
My website
GitHub
'Men of high position are allowed, by a special act of grace, to accomodate their reasoning to the answer they need. Logic is only required in those of lesser rank.' - J K Galbraith
My website
GitHub
|
|
2011-09-13
, 05:30
|
|
Posts: 1,042 |
Thanked: 430 times |
Joined on May 2010
|
#6
|
Still same like symbian...
Symbian = Without .cer & .key to sign your sisx files = No Permission
Meego = Without .aegis to include in your deb files = No Permission
Symbian = Without .cer & .key to sign your sisx files = No Permission
Meego = Without .aegis to include in your deb files = No Permission
|
|
2011-09-13
, 07:05
|
|
Posts: 502 |
Thanked: 366 times |
Joined on Jun 2010
@ /dev/null
|
#7
|
Aegis here in detail thanks to joerg_rw. Paraphrasing some quotes (from infobot on #maemo IRC channel):
Originally Posted by infobot
More information is also available on wikipedia according to infobot
The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.
__________________
- IRC handle: psycho_oreos
- 3 x Nokia N900 | 2 x 32GB TopRAM microSDHC class 10 inserted in two devices | 2 x SIM cards inserted in two devices.
- N900/ Nokia N900 is not a phone/smartphone! its an internet tablet with phone functionality - so quit assuming its still a phone/smartphone when it isn't!!
- Help fight spam together!
- WANTED: Token/Karma system staff
 |
|
2011-09-13
, 07:36
|
|
Posts: 288 |
Thanked: 175 times |
Joined on Oct 2010
@ Petaling Jaya, Selangor, Malaysia
|
#8
|
Thanks for this discussion, am skipping the N9 then... I saw how such a mechanism killed UIQ3 on Symbian...
__________________
Visit my blog at http://lifewithmaemo.blogspot.com or my website at http://www.renegade-uiq.com
Visit my blog at http://lifewithmaemo.blogspot.com or my website at http://www.renegade-uiq.com
| The Following 4 Users Say Thank You to ajack For This Useful Post: | ||
|
|
2011-09-13
, 08:58
|
|
Posts: 673 |
Thanked: 856 times |
Joined on Mar 2006
|
#9
|
Originally Posted by marxian
Thank you for pointing me to the right direction. The first time the aegis was mentioned I've failed to find online documentation (either due to the missing "dbus" keyword or it simply was not there)
You don't need to sign applications, but applications need to request permission to access the tracker, use dbus etc. This is done by including a .aegis file in your .deb package that uses an XML-like syntax.
For all interested Harmattan documentation on security is here.
The information on aegis syntax is here.
So far it sounds like TPM, which if it is true s*** big time.
__________________
http://gpl-violations.org/faq/violation-faq.html
http://gpl-violations.org/faq/violation-faq.html
 |
|
2011-09-13
, 09:06
|
|
Posts: 2,355 |
Thanked: 5,249 times |
Joined on Jan 2009
@ Barcelona
|
#10
|
Sadly, the problem with Aegis comes with its policy; currently, you are still to see <sarcasm> "the best of it" </sarcasm> 
: its current policy is rather allowing to applications from the unknown source (aka unsigned applications).
How this policy will be in later firmwares is something I don't know. The hints that are in the current firmware's restok.conf file do not look good, but for the time being, I am giving them the benefit of the doubt.
: its current policy is rather allowing to applications from the unknown source (aka unsigned applications).How this policy will be in later firmwares is something I don't know. The hints that are in the current firmware's restok.conf file do not look good, but for the time being, I am giving them the benefit of the doubt.
| The Following 9 Users Say Thank You to javispedro For This Useful Post: | ||
 |
| Tags |
| locked boot, neutered, trecherous |
«
Previous Thread
|
Next Thread
»
|
All times are GMT. The time now is 10:31.
In short aegis is actually part of:
Mobile Simplified Security Framework (MSSF)
EDIT: Renamed the topic title.
EDIT2: Renamed again
http://gpl-violations.org/faq/violation-faq.html
Last edited by momcilo; 2011-09-14 at 09:12.