top

Adding Privileges and Permissions

This topic describes how to add Tizen privileges and PPAPI permissions to a Native Client project in the Tizen Studio, and lists the Tizen privileges corresponding to PPAPI permissions.

Some Samsung Product and Tizen API modules can perform security-sensitive operations which, if not used correctly, can harm user privacy and system stability. Applications that use these sensitive APIs must declare the required privileges in the "config.xml" file. Privileges are categorized into public, partner, and platform levels:

  • The public level is the minimum privilege level, which means that any application developed using the Tizen Studio can use these privileges.
  • The partner level privileges require at least a partner-signed certificate, which is granted to developers who have a business relationship with the vendor.
  • The platform level is the highest privilege level, and an application that needs these privileges requires at least a platform-signed certificate, which is granted to vendor developers.

For more information about Tizen privileges, see Security and API Privileges and Tizen Privilege.

In Tizen 2.1.1 and Tizen 2.4 applications, Native Client (NaCl) modules using security-sensitive PPAPI interfaces must also declare permissions in its ".nmf" manifest file. Some PPAPI permissions correspond to Tizen privileges, since they grant access to the same resources. Consequently, both the PPAPI permissions and the corresponding Tizen privileges must be declared.

Adding Privileges

When you build a NaCl project in the Tizen Studio, the "config.xml" and "<projectname>.nmf" configuration files are generated automatically. The Tizen Studio detects and adds privileges based on the included interface headers in the source code. It maps the privileges to PPAPI permissions, and includes them in the generated "<projectname>.nmf" configuration file.

However, privileges required by header files outside the project must be added separately. When you add Tizen privileges to the project in the Tizen Studio, the equivalent PPAPI permissions are automatically added to the "<projectname>.nmf" configuration file.

Important

Do not modifiy the "config.xml" and "<projectname>.nmf" files directly.

To add Tizen privileges to the project:

  1. In the "Project Explorer" view, right-click the project name, and select "Properties".

  2. In the side menu, select "Tizen Studio > Tizen privileges".

  3. Select the desired privileges from the list, and click "Apply".

    Figure 1. Adding Tizen privileges

    Figure 1. Adding Tizen privileges

  4. To close the dialog, click "OK".
    The project automatically rebuilds.

  5. To verify that the PPAPI permissions were added, open the "CurrentBin/<projectname>.nmf" file.
    For example, if you added the "http://tizen.org/privilege/filesystem.write" privilege, the output ".nmf" file contains the following PPAPI permissions:

      "permissions" : [ "PPB_FileIO", "PPB_FileIO_Private", "PPB_FileRef", "PPB_FileSystem", "PPB_RemovableStorage_Dev" ],
    

Tizen Privileges Corresponding to PPAPI Permissions

The following table maps PPAPI permissions to the Tizen privileges that must be added in the Tizen Studio. The PPAPI permission name is the same as the interface using it. Interfaces that do not require permissions are not listed.

Note

If a PPAPI permission corresponds to more than 1 Tizen privilege, you must add all the corresponding privileges.

Table 1. PPAPI permissions and corresponding Tizen privileges
PPAPI Permission Tizen Privilege Privilege Level Tizen Version Support
2.2.1 2.4 3.0 4.0
PPB_AudioInput_Dev http://developer.samsung.com/privilege/audiorecorder
Public
Yes
Yes
Yes
Yes
http://tizen.org/privilege/mediacapture
PPB_DeviceControl_Samsung http://developer.samsung.com/privilege/epg
PPB_FileIO http://tizen.org/privilege/filesystem.write
PPB_FileIO_Private
PPB_FileRef
PPB_FileSystem
PPB_Fullscreen http://tizen.org/privilege/fullscreen
PPB_NetworkMonitor http://developer.samsung.com/privilege/network.public
PPB_ProgramSchedule_Samsung http://developer.samsung.com/privilege/epg
No
No
PPB_RemovableStorage_Dev http://tizen.org/privilege/filesystem.write
PPB_SefClient_Samsung http://tizen.org/privilege/systemmanager
Partner
No
PPB_ServiceList_Samsung http://developer.samsung.com/privilege/epg
Public
Yes
PPB_SystemInfo http://tizen.org/privilege/system
Yes
Yes
PPB_VideoCapture_Dev http://tizen.org/privilege/mediacapture

Other Useful Tizen Privileges

The following table lists other application features that require Tizen privileges. The listed privileges are supported since Tizen 2.2.1.

Table 2. Useful Tizen privileges
Feature Tizen Privilege Privilege Level
DRM information retrieval http://developer.samsung.com/privilege/drminfo
Partner
DRM-protected content playback http://developer.samsung.com/privilege/drmplay
Public
Filesystem access http://tizen.org/privilege/unlimitedstorage
Internet access http://tizen.org/privilege/internet
Remote control http://tizen.org/privilege/tv.inputdevice