|
Home · All Classes · Grouped Classes · Annotated · Functions | |
As part of the SXE, a priveleged Qtopia system process known as SXEMonitor monitors security. SXEMonitor runs as a lightweight process that responds to security policy breaches. If an an untrusted application breaches policy the following steps are taken:
If suspicous activity is detected but there is difficulty in isolating the errant application, then a lockdown state is initiated which:
Breaches are communicated to the SXEMonitor via a protected security log. The log serves to decouple the SXEMonitor from the rest of the Qtopia system so that the integrity of the monitor is maintained even if other parts of Qtopia are compromised or exploited.
In future the SXEMonitor's responsibilities will expand to monitoring system resources by periodically executing a number of checks:
SXEMonitor will act if any of these quick checks reveals a problem situation. There are a range of configurable options if a problem situation is detected.
The SXEMonitor is advised of the current process holding the lock(possibly through shared memory.) A number of retry policies can be specified, for example, Exponential Backoff, N-Milliseconds. If the lock cannot be obtained and the same process is holding it, that process holding the lock is killed.
a similar scenario is followed as for the framebuffer write lock. The Process Monitor obtains its data from the /proc pseudo-file-system.
SXEMonitor can either poll the output from the keyboard driver (tty device). As soon as the button hits the number of milliseconds of press-down time the monitor will kill all other applications except the server.
| Copyright © 2007 Trolltech | Trademarks | Qtopia 4.2.5 |