Security/Tizen 2.X anti virus app guide

From Tizen Wiki
Jump to: navigation, search

Overview

All applications in Tizen device are sandboxed using Smack, and public privileged applications cannot directly access the other application's resouces. Therefore, an anti-virus application cannot identify malicious application by scanning the executables and resources of an application.

But, if an anti-virus application already knows which applications are malicious, the anti-virus application can use following APIs to protect a user's device from malicious applications.


Getting information for all installed packages

To retrieve all package information of installed packages, use the package_manager_foreach_package_info() function.

int package_manager_foreach_package_info(package_manager_package_info_cb callback, void *user_data)
  The function takes the following parameter
    [in]	callback	The callback function to be invoked
    [in]	user_data	The user data to be passed to the callback function
    [out] 0 on success, otherwise a negative error value
    Required Privilege: http://tizen.org/privilege/packagemanager.info

You can get a detailed information on how to use this API in the following user guide.

Receiving notifications for package installation events

To detect package events, such as installation, uninstallation, and updates, register a callback funtion to be invoked using package_manager_set_event_cb.

package_manager_set_event_cb(package_manager_h manager, package_manager_event_cb callback, void * user_data)
  The function takes the following parameters:
    [in] manager: Package manager handle
    [in] callback: Callback function to be registered
    [in] user_data: User data to be passed to the callback function
    [out] 0 on success, otherwise a negative error value
    Required Privilege: http://tizen.org/privilege/packagemanager.info


Leading a user to remove identifed malicious applications

Tizen does not provide public privileged applications with any means silently removing an application. But Tizen provides a way leading a user to remove identifed malicious applications.

The setting application has functions for application management which can be accessed by other applications. An application can launch the UI for application removal provided by the setting application. When a malicious application is detected, an anti-virus application can ask a user to remove the malicious application by lauching the UI for application removal.

The UI of setting application for application management can be launched by the following AppControl sample code.

 app_control_h service = NULL;
 int result = 0; 
 result = app_control_create(&service);
 if(result != APP_CONTROL_ERROR_NONE) {
     return;
 }    
 ret_if(NULL == service);
 app_control_set_operation(service, APP_CONTROL_OPERATION_DEFAULT);
 app_control_set_app_id(service, "setting-manage-applications-efl");
 app_control_add_extra_data(service, "viewtype", "application-info");
 app_control_add_extra_data(service, "pkgname", "pkg_name_to_delete");
 app_control_send_launch_request(service, NULL, NULL);
 app_control_destroy(service);

The bold characters should be changed into the package name to delete and "app_control_send_launch_request" needs "http://tizen.org/privilege/appmanager.launch" privileges.


You can get a detailed information on the AppControl in the following user guide