Reply
Thread Tools
Posts: 673 | Thanked: 843 times | Joined on Mar 2006
#1
It was mentioned several times, I've decided to create this thread to determine what is aegis, and how it will affect us.

In short aegis is actually part of:
Mobile Simplified Security Framework (MSSF)

EDIT: Renamed the topic title.
EDIT2: Renamed again

Last edited by momcilo; 09-14-2011 at 05:12 AM.
 

The Following 4 Users Say Thank You to momcilo For This Useful Post:
Posts: 1,751 | Thanked: 837 times | Joined on Feb 2010 @ Sweden
#2
Aegis is the new security framework of Harmattan. A pain in the *** if you ask me.
__________________
You like what i do? Donate!

Make your desktop look awesome - use the AwOken Theme with the AwOken Icon Theme.

Add me on twitter @almehdin
Visit the swedish maemo/meego community forums
 

The Following User Says Thank You to AlMehdi For This Useful Post:
Posts: 1,042 | Thanked: 425 times | Joined on May 2010
#3
If you ever used symbian it's more of the security thingy they made that you cannot install unsigned applications.
 

The Following User Says Thank You to Radicalz38 For This Useful Post:
Posts: 367 | Thanked: 237 times | Joined on Nov 2010
#4
Do you need to have a certificate and sign all your apps like symbian? That was a major pain in the ***. Especially for homebrew apps.
 

The Following User Says Thank You to Acidspunk For This Useful Post:
marxian's Avatar
Posts: 2,174 | Thanked: 7,950 times | Joined on Aug 2010 @ Wigan, UK
#5
You don't need to sign applications, but applications need to request permission to access the tracker, use dbus etc. This is done by including a .aegis file in your .deb package that uses an XML-like syntax.
__________________
Android? That's like bein' hit in the head with a crowbar once a day.

My website

GitHub
 

The Following 16 Users Say Thank You to marxian For This Useful Post:
Posts: 1,042 | Thanked: 425 times | Joined on May 2010
#6
Still same like symbian...

Symbian = Without .cer & .key to sign your sisx files = No Permission
Meego = Without .aegis to include in your deb files = No Permission
 

The Following 2 Users Say Thank You to Radicalz38 For This Useful Post:
Posts: 502 | Thanked: 358 times | Joined on Jun 2010 @ /dev/null
#7
Aegis here in detail thanks to joerg_rw. Paraphrasing some quotes (from infobot on #maemo IRC channel):
Originally Posted by infobot
The purpose of this framework is: ... to make sure that the platform meets the requirements set by third party software that requires a safe execution environment.
More information is also available on wikipedia according to infobot
__________________
 

The Following 4 Users Say Thank You to tuxsavvy For This Useful Post:
ajack's Avatar
Posts: 279 | Thanked: 163 times | Joined on Oct 2010 @ Petaling Jaya, Selangor, Malaysia
#8
Thanks for this discussion, am skipping the N9 then... I saw how such a mechanism killed UIQ3 on Symbian...
__________________
Visit my blog at http://lifewithmaemo.blogspot.com or my website at http://www.renegade-uiq.com
 

The Following 3 Users Say Thank You to ajack For This Useful Post:
Posts: 673 | Thanked: 843 times | Joined on Mar 2006
#9
Originally Posted by marxian View Post
You don't need to sign applications, but applications need to request permission to access the tracker, use dbus etc. This is done by including a .aegis file in your .deb package that uses an XML-like syntax.
Thank you for pointing me to the right direction. The first time the aegis was mentioned I've failed to find online documentation (either due to the missing "dbus" keyword or it simply was not there)

For all interested Harmattan documentation on security is here.

The information on aegis syntax is here.


So far it sounds like TPM, which if it is true s*** big time.
 

The Following User Says Thank You to momcilo For This Useful Post:
javispedro's Avatar
Posts: 2,044 | Thanked: 3,870 times | Joined on Jan 2009 @ Barcelona
#10
Sadly, the problem with Aegis comes with its policy; currently, you are still to see <sarcasm> "the best of it" </sarcasm> : its current policy is rather allowing to applications from the unknown source (aka unsigned applications).

How this policy will be in later firmwares is something I don't know. The hints that are in the current firmware's restok.conf file do not look good, but for the time being, I am giving them the benefit of the doubt.
 

The Following 8 Users Say Thank You to javispedro For This Useful Post:
Reply

Tags
locked boot, neutered, trecherous

Thread Tools

 
Forum Jump


All times are GMT -4. The time now is 12:17 AM.