-
-
Notifications
You must be signed in to change notification settings - Fork 212
Supplementary Security Domains
Supplementary security domains can be created with -domain
. Add additional privileges with -privs
and installation parameters with -params
. The default package and application ID can be changed with -pkg
and -app
.
To specify extradition right for the newly created SSD, use -allow-to
to be able to extradite apps to the SSD and -allow-from
to be able to extradite applications from the SSD. If you need to add additional installation parameters to the SSD, also construct the necessary privileges block for within the parameters block.
To extradite an application to a different security domain during installation, specify the SSD with -to
:
gp -install <applet.cap> -to <AID>
The SSD must accept the extradition, so create
gp -move <AID> -to <AID>
Both security domains must allow the extradition or the operation will fail.
A new tree is one which has itself as root. Create it with
gp -move <AID> -to <AID>