Updated: April 19, 2023
When you use the Sensor service, there are many relevant recommendations and system interactions to consider.
For a comprehensive list of recommendations and system interactions, see the System Security Guide.
Static files used by the Sensor service, such as its configuration files, must be read-only and protected from modification. We recommend storing them on a read-only, integrity-checked filesystem, such as the Merkle filesystem, or in the IFS if the IFS is protected by a trusted boot process; without that root of trust, an integrity check on the filesystem alone does not protect the files.
In addition to the configuration files used by the Sensor service, System Launch and Monitor (SLM) files are used. These files let you modify the startup sequence of applications and services without rebuilding the target image, which also means that anyone who can edit them can change what is launched, and with which options and privileges. The same guidelines therefore apply to SLM files. For more information, see System Launch and Monitor (slm).
Dynamic files, meaning data the service writes at run time, must be given permissions that match the user and group IDs the process executes with, so that no other unprivileged process can read or modify them. Consider whether any personally identifiable information is recorded in these files and, if so, whether they should be stored on an encrypted filesystem.
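The following shell script is an added example, not code from the Sensor documentation or from the sensor service itself. It audits a file tree against the two rules above: a static file must not be writable by the IDs the service runs as, and a dynamic data directory must be owned and writable by those IDs without being world-writable. It assumes GNU coreutils `stat -c` and `cut` (adjust for the target's `stat`), takes the uid:gid as arguments (521:521 in the launch examples on this page), and builds a constructed sample tree under `mktemp` so that it runs offline on a development host.

```shell
#!/bin/sh
# Added example; not part of the QNX Sensor documentation or the sensor service.
# Assumptions: GNU coreutils `stat -c`/`cut`; the service runs as the uid:gid
# passed in (521:521 in the `on`/SLM launch lines); the sample tree below is
# constructed, not a real target image.

# writable_by PATH UID GID
# 0 if a process with UID and primary group GID could write PATH according to
# the classic mode bits. Supplementary groups and ACLs are ignored, and root
# is treated like any other uid here, although root bypasses mode bits on the
# target, which is why the service drops privileges with -U 521:521.
writable_by() {
    p=$1; uid=$2; gid=$3
    perm=$(stat -c '%A' "$p")            # e.g. -rw-r--r-- or drwxrwx---
    set -- $(stat -c '%u %g' "$p")       # owner uid, owner gid
    if [ "$uid" -eq "$1" ]; then pos=3   # user write bit
    elif [ "$gid" -eq "$2" ]; then pos=6 # group write bit
    else pos=9; fi                       # other write bit
    [ "$(printf %s "$perm" | cut -c"$pos")" = "w" ]
}

# static_file_ok FILE UID GID
# A static file must be a regular file the service cannot write. A file owned
# by the service uid can still be chmod'ed back by that uid unless the
# filesystem itself is read-only, hence the Merkle filesystem / IFS advice.
static_file_ok() {
    [ -f "$1" ] || return 1
    ! writable_by "$1" "$2" "$3"
}

# dynamic_dir_ok DIR UID GID
# A dynamic directory must be writable by the service ids and must not be
# world-writable ("other" write bit, position 9 of the symbolic mode).
dynamic_dir_ok() {
    [ -d "$1" ] || return 1
    writable_by "$1" "$2" "$3" || return 1
    [ "$(stat -c '%A' "$1" | cut -c9)" != "w" ]
}

# build_sample_tree ROOT
# Constructed sample: one correct config file, one that is writable, and a
# dynamic directory owned by the caller. Paths mirror the launch lines above.
build_sample_tree() {
    root=$1
    mkdir -p "$root/etc/system/config" "$root/accounts/1000/shared/sensor"
    : > "$root/etc/system/config/adas_example_capture.conf"
    : > "$root/etc/system/config/adas_camera_sensors.conf"
    chmod 0444 "$root/etc/system/config/adas_example_capture.conf"  # good
    chmod 0664 "$root/etc/system/config/adas_camera_sensors.conf"   # bad: writable
    chmod 0770 "$root/accounts/1000/shared/sensor"                  # good
}

# audit_tree ROOT UID GID
# Prints one line per check; returns the number of failed checks.
audit_tree() {
    root=$1; suid=$2; sgid=$3; fails=0
    for f in "$root"/etc/system/config/*.conf; do
        if static_file_ok "$f" "$suid" "$sgid"; then echo "ok   static  $f"
        else echo "FAIL static  $f"; fails=$((fails + 1)); fi
    done
    d="$root/accounts/1000/shared/sensor"
    if dynamic_dir_ok "$d" "$suid" "$sgid"; then echo "ok   dynamic $d"
    else echo "FAIL dynamic $d"; fails=$((fails + 1)); fi
    return "$fails"
}

# Offline demo against the constructed tree. The files are owned by the
# caller, so the caller's own ids stand in for 521:521 here; on the target
# run: audit_tree / 521 521
demo_root=$(mktemp -d)
build_sample_tree "$demo_root"
audit_tree "$demo_root" "$(id -u)" "$(id -g)" || echo "$? problem(s) found"
rm -rf "$demo_root"
```

On a target, point `audit_tree` at the real configuration and data paths with the IDs from the service's launch line. The check reads only classic mode bits, so it is a complement to, not a substitute for, the read-only integrity-checked filesystem recommended above: a file the service uid owns can be made writable again by that uid unless the filesystem prevents it.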
The Sensor service interacts with the following libraries; the calls that create dynamic files are summarized below:
A security policy controls where a process can attach channels in the path space, which abilities are assigned to a process, and which processes can connect to which others. Access control secures a system by limiting the actions available to a process; mandatory access control (MAC) is policy-driven, with rules that enforce relationships between processes, channels, and paths. For example, rules specify which process types can connect to a channel and which paths a process type may attach to in the path space, so a process can connect only to the channels the policy permits.
For example, the following policy declares one type for the Sensor service and one for its clients:

```
type ss_t;
type ss_client_t;
allow_attach ss_t /dev/sensor;
allow ss_client_t ss_t : channel connect;
```

The allow_attach rule lets a process of type ss_t attach a channel under /dev/sensor, and the allow rule lets processes of type ss_client_t connect to channels owned by ss_t. Attachments and connections that no rule allows are denied, so a process that is not of type ss_client_t cannot connect to the service, and the service cannot attach anywhere other than /dev/sensor. For more information, see the Security Policies chapter in the System Security Guide.
With that policy in place, launch the Sensor service under the ss_t type and the example client under ss_client_t by using the on utility. Options that follow the program name belong to the program itself, not to on:

```
on -t ss_t sensor -U521:521 -r /accounts/1000/shared/sensor -c etc/system/config/adas_example_capture.conf
on -t ss_client_t adas_example -c base/etc/system/config/adas_camera_sensors.conf -m script
```

The equivalent SLM configuration launches the client only after the service has attached /dev/sensor/sensor5. The client is given the ss_client_t type, not ss_t, so that it gains only the connect permission the policy grants to clients and not the service's right to attach under /dev/sensor:

```xml
<SLM:component name="sensor">
    <SLM:command>/base/bin/on</SLM:command>
    <SLM:args>-t ss_t /base/bin/sensor -U 521:521,1001 -r /accounts/1000/shared/camera -c /base/etc/system/config/adas_example_capture.conf</SLM:args>
    <SLM:depend>resarb</SLM:depend>
    <SLM:depend>screen-ready</SLM:depend>
    <SLM:waitfor wait="pathname">/dev/sensor/sensor5</SLM:waitfor>
</SLM:component>
<SLM:component name="adas_example">
    <SLM:command>/base/bin/on</SLM:command>
    <SLM:args>-t ss_client_t /base/usr/bin/adas_example -c /base/etc/system/config/adas_camera_sensors.conf -m script</SLM:args>
    <SLM:depend>sensor</SLM:depend>
    <SLM:stop stop="signal">SIGTERM</SLM:stop>
</SLM:component>
```