Aegis security with Python libraries/scripts

[ohookins]

I've been reading up on the Aegis FAQ at http://harmattan-dev.nokia.com/docs/...urity_FAQ.html and after reading this it is still not entirely clear how Aegis will/should behave with things like Python.

Specifically I'm porting OpenCV which has Python bindings. Ideally I would grant the libraries that deal with video the GRP::video privilege but it seems that you also need to build the package to be aware of the binary that may need the privileges. This would be straightforward if I knew that the Aegis system will make the determination based on /usr/bin/python being the binary, but I don't know if it will be /usr/bin/python or the path of the script which calls python.

In this second case it would still be possible for the script (assuming it is packaged) to request the additional privileges but in the first case it might not be possible - especially if the upstream maintainer of Python for Harmattan has not put an Aegis request section in the manifest for that package (or if it lacks a manifest altogether).

Could someone shed some light on this slightly confusing area?

[gnuton]

Hi,
Libraries cannot have credentials. Only real executable applications can.

Interpreted scripts are treated as executables (if they start the interpreter with #!),
and can have manifest and request credentials. However, if you do this, you have
to keep in mind that a manifest adding credentials to an executable (or script),
makes that equivalent of "setuid executable": it has the credentials regardless of
who starts it. Any user or web widget may be able to run it.

[ohookins]

OK, that makes sense. Thanks for your prompt answer!