This topic describes how to add Tizen privileges and PPAPI permissions to a Native Client project in the Tizen Studio, and lists the Tizen privileges corresponding to PPAPI permissions.
Some Samsung Product and Tizen API modules can perform security-sensitive operations which, if not used correctly, can harm user privacy and system stability. Applications that use these sensitive APIs must declare the required privileges in the "config.xml" file. Privileges are categorized into public, partner, and platform levels:
For more information about Tizen privileges, see Security and API Privileges and Tizen Privilege.
In Tizen applications, Native Client (NaCl) modules using security-sensitive PPAPI interfaces must also declare permissions in its ".nmf" manifest file. Some PPAPI permissions correspond to Tizen privileges, since they grant access to the same resources. Consequently, both the PPAPI permissions and the corresponding Tizen privileges must be declared.
When you build a NaCl project in the Tizen Studio, the "config.xml" and <projectname>.nmf configuration files are generated automatically. The Tizen Studio detects and adds privileges based on the included interface headers in the source code. It maps the privileges to PPAPI permissions, and includes them in the generated <projectname>.nmf configuration file.
<projectname>.nmf
However, privileges required by header files outside the project must be added separately. When you add Tizen privileges to the project in the Tizen Studio, the equivalent PPAPI permissions are automatically added to the <projectname>.nmf configuration file.
To add Tizen privileges to the project:
In the "Project Explorer" view, right-click the project name, and select "Properties".
In the side menu, select "Tizen Studio > Tizen privileges".
Select the desired privileges from the list, and click "Apply".
To close the dialog, click "Apply and Close". The project automatically rebuilds.
To verify that the PPAPI permissions were added, open the CurrentBin/<projectname>.nmf file. For example, if you added the "http://tizen.org/privilege/filesystem.write" privilege, the output ".nmf" file contains the following PPAPI permissions:
CurrentBin/<projectname>.nmf
"permissions" : [ "PPB_FileIO", "PPB_FileIO_Private", "PPB_FileRef", "PPB_FileSystem", "PPB_RemovableStorage_Dev" ],
The following table maps PPAPI permissions to the Tizen privileges that must be added in the Tizen Studio. The PPAPI permission name is the same as the interface using it. Interfaces that do not require permissions are not listed.
http://developer.samsung.com/privilege/audiorecorder
http://tizen.org/privilege/mediacapture
http://developer.samsung.com/privilege/epg
http://tizen.org/privilege/filesystem.write
http://tizen.org/privilege/fullscreen
http://developer.samsung.com/privilege/network.public
http://tizen.org/privilege/systemmanager
http://tizen.org/privilege/system
Table 1. PPAPI permissions and corresponding Tizen privileges
The following table lists other application features that require Tizen privileges. The listed privileges are supported since Tizen 2.2.1.
http://developer.samsung.com/privilege/drminfo
http://developer.samsung.com/privilege/drmplay
http://tizen.org/privilege/unlimitedstorage
http://tizen.org/privilege/internet
http://tizen.org/privilege/tv.inputdevice
Table 2. Useful Tizen privileges