No subject

security mechanism on the device is essential to protect user from
malicious behavior of downloaded program which could generate  over
billing, destroy or leak user data, etc .  We have developed internally
a framework&nbsp; for the sand boxing of native applications : <br>
- Access to critical resources are trapped and authorization are
granted depending on the trust level of the application. <br>
- The trust level are attached to the application using certificate. <br>
<br>
This is done using two level of control : <br>
&nbsp;&nbsp;&nbsp; - MAC enforcement inside the kernel <br>
&nbsp;&nbsp;&nbsp; - application level access control inside the software bus <br>
<br>
This is basically an implementation of the framework proposed by the
"OMTP Application Security" group. We plan to launch some work on this
inside LiPS in the following weeks and welcome all contributions on
this topic. <br>
<br>
Laurent<br>
<br>
<br>
<br>
<br>
&nbsp;<br>
<br>
Dirk Sigurdson wrote:
<blockquote cite="mid1173723113.15205.2.camel at einstein" type="cite">
  <pre wrap="">Maybe I'm getting a little ahead of myself here as it seems that people
have other priorities.  I'll bring it up again sometime down the road.

Sincerely,

Dirk

On Tue, 2007-03-06 at 17:00 -0800, Dirk Sigurdson wrote:
  </pre>
  <blockquote type="cite">
    <pre wrap="">I'm wondering what people's thoughts are for package management on G 
(PE)^2.  Does it make sense to include the gpe-package utility from  
GPE?  One thing that could be important from both an end user  
security perspective and potentially from a carrier support  
perspective is being able to restrict the content that is installed  
on the phone.  The LiPS security spec has some stuff on adding  
digital signatures to ipkg's that we should probably investigate.

Additionally, we may want to think of ways that we could sandbox  
"untrustworthy" applications to restrict them from accessing critical  
system resources.  For example, we'd want to try to prevent a trojan  
from constantly sending out SMS messages by writing to the serial  
device or by asking the phoneserver to do it on its behalf.

Dirk

_______________________________________________
Gpephone-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Gpephone-devel at linuxtogo.org">Gpephone-devel at linuxtogo.org</a>
<a class="moz-txt-link-freetext" href="http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/gpephone-devel">http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/gpephone-devel</a>
    </pre>
  </blockquote>
  <pre wrap=""><!---->
_______________________________________________
Gpephone-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Gpephone-devel at linuxtogo.org">Gpephone-devel at linuxtogo.org</a>
<a class="moz-txt-link-freetext" href="http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/gpephone-devel">http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/gpephone-devel</a>


  </pre>
</blockquote>
<br>
<br>
<div class="moz-signature">-- <br>
<title>Votre signature email Orange (en France)</title>
<p
 style="font-family: Arial,Helvetica,sans-serif; margin-top: 10pt; margin-bottom: 10pt; font-size: 10pt; color: rgb(0, 0, 0);"><img
 src="cid:part1.06010407.01020908 at orange-ftgroup.com" height="40"
 width="40"></p>
<p
 style="font-family: Arial,Helvetica,sans-serif; margin-top: 0pt; margin-bottom: 0pt; font-size: 10pt; color: rgb(0, 0, 0);">
<b>Laurent Gottely</b><br>
ft/rd/maps/ams/sle<br>
analyse et evaluation des logiciels embarqu&eacute;s<br>
t&eacute;l. +33296052713<br>
mob. +33687088318 <br>
<a href="mailto:laurent.gottely at orange-ftgroup.com"
 style="font-family: Arial,Helvetica,sans-serif; font-size: 10pt; color: rgb(255, 102, 0);">laurent.gottely at orange-ftgroup.com</a></p>
<p
 style="font-family: Arial,Helvetica,sans-serif; margin-top: 10pt; margin-bottom: 10pt; font-size: 10pt; color: rgb(0, 0, 0);"><img
 src="cid:part2.05080302.08070003 at orange-ftgroup.com" height="20"
 width="18"></p>
</div>
</body>
</html>

--------------050207040702040206020003
Content-Type: image/gif;
 name="orange_logo.gif"
Content-Transfer-Encoding: base64
Content-ID: <part1.06010407.01020908 at orange-ftgroup.com>
Content-Disposition: inline;
 filename="orange_logo.gif"

R0lGODlhKAAoAPcAAP9mAP9lAP////9jAP9kAP9gAP9eAP9dAP9iAP9fAP/x5/9cAP9YAP9Z
AP/69v+3i/9yGf9lBP+ygv/n1/+IQf/Xvf/fyf+kbP+3if/LrP9jAv9oBv+7kP9oCP91Hf/U
uP9xF/+/lv/awP9mB/+JPf+XV/+EPP+KPf/y6f+HQf+HQv9pC/+PRf/s4f/59f9/Mv9kAv9l
Av+cXf/IpP/8+v/8+P+4jf/Stf9VAP/Ttv/Bmf/Lq/9sDv9vEP9sC/+JPv+2hv9xFv+VUP+A
Lf9zGv+1h//w5v/u4v9kBf/JqP/Vuv+3h/+KQv+IQv+2h/9kC/+9k//t4v92G//dyf9bAP9v
Ev+zhf9aAP91JP/07P/Dnf/awf+UT/9pCP/dxv/Nrv+pc//p2v9hAP+GPf9pBv+GP/9iA/9i
Cv+ocv+QSv/Zwv/AmP+8j/+dXv/Mqv+lbf/Psf+IOv/7+P/Orv9nCP+SU/96Lv96J//j0f9n
A/9eBP/bw//aw//k1P+STf/r3f/n1v/Ipf+6jf+gZ/+eYv/Lqv/Mrf/gzP9zG/+xgP+ygf/X
vP/gzf+JQf/Cm/+VVf+FOP/fzP+QTP/hzv/Xvv+LRv/Gn//s3/+4iv9kAf9rFP+tdv9rCP9l
Af9yFv+pcf94KP+xe//Yv/94If9pCv+COf+ZVf+ue/+7kf9XAP9nCv/q3f9iAf+9lP9uEf9o
A//l1P+FN////f+ncv+OR//v5f/y5/+aX/+hY/9+K/9hAf/59P+hZ/+IPv+fYv90Gv/Qs/+X
Vf9wE/+VVP9+Lf+YWP/eyf+mbv9+Mf96Jv91HP/HpP+8kQAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAAAoACgAAAj/AAEIHEiwoMGD
CBMqXMiwocOHECNKnEixosWLGDNq3Mixo8ePIEOKHEmypMmTKFOqXMmypcuQAQYQCEBAZABO
UnqM8FEQwQCBNGkKHPATQICjMoEimBlgaIFfYNAk2lTAKREIBQa86sKqigZdiEAUINBpABIP
qmSaUbYiAhkCCUBAeNKIVihTPwnwWFZDjpYBvQBROvSigi0FIRBgEKXExR5XGgI5sIBnyQIM
ClA4ikAgUwyBB04JuDBLwJsxAiK1IWbFjgQBpZLIenRLQJphAiT5EsDGj4A6JhzIOECwwBY+
DK5MmtNEgAkcHS4AYyQgRYYJDbAIEBKiz4IztaA4zRFwA44DZsQHJqgwpQEVWG4oCIjDYE0W
UCUElMkQpkAyAVxwEIUemuzCARA0QDJKLp40NdABxwjwACoCECLfCal80UIlHwiggiF/FHCH
AMEwIcAOOQggCAkSlmABCVUNFAAdRaCggAQFxCLCEAv8YIwXrSyCjCIzIOCBCCw0gIsaNhhh
CQO8THCJDsIUNRABBmywgQFINSWGTAYMQNNPMSVwwgfFDCLAJwcYAEMeBtR00EwyytjUnQ7G
FEQhR6yCSQc1HeURXKSMEKdCAQEAOw==
--------------050207040702040206020003
Content-Type: image/gif;
 name="ampersand.gif"
Content-Transfer-Encoding: base64
Content-ID: <part2.05080302.08070003 at orange-ftgroup.com>
Content-Disposition: inline;
 filename="ampersand.gif"

R0lGODlhEgAUAPcAAP///+UAAO94AO92APGHG+5vAO5xAOQAAP/8+u5uAO50AO5yAO97AO91
AO51APa2dvFxdPB+Dv3t3esyOO93BvBnaOswOu99APCADfCBDvKZPv/+/Pzo0vGGG/7z9/3x
9/7x9vnGk/F/Rf/+/e9hRPrXs/SpW/KPK/alqPGPJO1PUPnPrvjGkv727fSmUO93AP726P76
9falofzjyvjBivF1c/B9AP719frasegaHugZF+97B/Fzc+1HRvrTrPOcPv3o6PSjT/GLIvnN
nuo0MeszN/e7gP3r2P3t2+osMfvVwvrMzf3v4fSkXfrSp/apqP748/N+gfetrf/9/frP0uxN
Q+onK/zm0egaGe5rCvKXOukXHOkvB/KWN//9+vKLSeUCAOYAAP3u3POaQegUF/OcQ/i9gfvj
yvFzdPKQLfCADOgUFPjHkvKNJv/79/e0tPzp0+5vEOYAA+98APrZtvnRqOYAAexCQPGLJOkl
GuszK/rbue9ZW/739uoyMv3w4/jHju1jAPONi+95FP/89/WpW/OJhutKAPCADvrVrfWoW/rK
y//8/PKZPO9nZ+5OUf759O9xAPjCi+5RSPzfxO95AO55APa2b+5SVP///vKNKPB8BfWXmPve
3fScePnJlvSlVPi4t/KSLvvdv/WsYv/+/ucLC/B/DPrNzvnEu/a2dffBffOEhvaipv738O1R
TvBoaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAAASABQAAAj/AAEIHDgwlYgs
TaAQXDhQhqcflhz4YLiQU41MYjokoEFx4BI/iwC46WKgTkcAUzD1YASghSYCR06iMgVLIKUd
D7ycZBWAh0BFWv6cBPAoAAQAQ8ZcGXqjyAFHTi5JGArAw4QAVVYQGjiiBBOGSPQcIEJlYSFS
pQjSWTUpwBpBBBG0EYJgYAgTMFoFsPOq00A2kTRsECjpxBkAQLYEwGJIYKIIBT4JHEUBVAyB
UQLISfIE0KYEjVwJDFIgDRyBHyyA4RJHwIsUHAYiEjBAFIs9OL4EsjHnwiAlBDMIqNRAgQAH
DBgoWHAoT4VQfQSqWjBAAO0GBtS4IBEmQAAdd9BIFoFkBs8pDATKGJkBAAQKPlbI5FDxJiAA
Ow==
--------------050207040702040206020003--

--------------090203000202060004020806--