Home
last modified time | relevance | path

Searched refs:APL (Results 1 – 25 of 74) sorted by relevance

123

/ohos5.0/docs/zh-cn/application-dev/security/AccessToken/
H A Dapp-permission-mgmt-overview.md61 - **APL等级**
63 为了防止应用过度索取和滥用权限,系统基于APL(Ability Privilege Level,元能力权限等级)等级,配置了不同的权限开放范围。
65 元能力权限等级APL指的是应用的权限申请优先级的定义,不同APL等级的应用能够申请的权限等级不同。
67 - **应用APL等级**
71 | APL级别 | 说明 |
73 | normal | 默认情况下,应用的APL等级都为normal等级。 |
75 | system_core | 该等级的应用服务提供操作系统核心能力。<br/>应用APL等级不允许配置为system_core。 |
77 - **权限APL等级**
81 | APL级别 | 说明 | 开放范围 |
89 …如上所述,权限APL等级和应用APL等级是一一对应的。原则上,拥有低APL等级的应用默认无法申请更高等级的权限。访问控制列表ACL(Access Control List)提供了解决低等级应用访问…
[all …]
H A Daccess-token-overview.md15 系统根据应用的APL等级设置进程域和数据域标签,并通过访问控制机制限制应用可访问的数据范围,从而实现在机制上消减应用数据泄露的风险。
17 不同APL等级的应用能够申请的权限等级不同,且不同的系统资源(如:通讯录等)或系统能力(如:访问摄像头、麦克风等)受不同的应用权限保护。通过严格的分层权限保护,有效抵御恶意攻击,确保系统安全可靠。
H A Ddetermine-application-mode.md11 - 标注1:应用APL等级与权限等级的匹配关系请参考[APL等级说明](app-permission-mgmt-overview.md#权限机制中的基本概念)。
50 如果应用需要将自身的APL等级声明为system_basic及以上,在开发应用安装包时,需要修改应用的HarmonyAppProvision配置文件即SDK目录下的“`Toolchains / _{…
H A Ddeclare-permissions-in-acl.md3 受限开放的权限通常是不允许三方应用申请的。当应用在申请权限来访问必要的资源时,发现部分权限的等级比应用APL等级高,开发者可以选择通过ACL方式来解决等级不匹配的问题,从而使用受限权限。
H A Dapp-permissions.md33 应用需查询权限自身的APL级别,判断是否可申请。符合条件的应用申请了此类权限后,系统将在用户安装应用时,自动把相应权限授予给应用。
/ohos5.0/docs/en/application-dev/security/AccessToken/
H A Dapp-permission-mgmt-overview.md61 - APL
65 …The APL defines the application's priority for requesting permissions. Applications of different A…
67 - Application APL
71 | APL| Description|
73 | normal | Default APL of an application.|
75 …| system_core | Application that provides OS core abilities. <br>Only the APL of a system applicat…
77 - Permission APL
79 …Permissions are granted to applications based on the application APL. The permission APLs are also…
81 | APL| Description| Available To|
89APL cannot request a permission with a higher APL. However, you can use the Access Control List (A…
[all …]
H A Ddeclare-permissions-in-acl.md3 …hird-party applications. If an application with a lower APL requires a permission of a higher APL,…
H A Ddetermine-application-mode.md11 - ① For details about the mappings between application APLs and permission APLs, see [APL](app-perm…
23 The operation for requesting a permission varies, depending on the permission APL and authorization…
43 | Permission APL| Authorization Mode| Enable via ACL| Operation Path|
50 To change the application APL to system_basic or system_core, modify the HarmonyAppProvision file (…
H A Dapp-permissions.md30 … or system service to have permissions beyond its Ability Privilege Level (APL). When the applicat…
33 …You need to quey the application's APL and determine whether the application can request the permi…
/ohos5.0/docs/zh-cn/device-dev/subsystems/
H A Dsubsys-security-selinux-sample-domain.md96 1. 在sehap_contexts文件中,建立应用APL等级、包名与应用进程标签、数据目录标签的映射关系。这里表示,当安装的应用APL为normal且包名为`com.ohos.permission…
100APL说明参考[权限等级说明](../../application-dev/security/AccessToken/app-permission-mgmt-overview.md#权限apl等级…
106 这里使用APL等级为normal的应用作为示例,其他APL等级的应用参考下表配置:
108 **表1** APL等级与应用attribute归属对应关系
109 | APL等级 | 应用进程attribute归属 | 应用数据目录attribute归属 |
H A Dsubsys-security-selinux-checklist.md9 目前OpenHarmony SELinux根据应用的三个APL等级,将应用进程的SELinux类型分为对应的三个attribute,将应用数据目录的SELinux类型也分为对应的三个attribut…
11 | APL等级 | 应用进程归属的attribute | 应用数据目录归属的attribute |
17 APL说明参考[权限等级说明](../../application-dev/security/AccessToken/app-permission-mgmt-overview.md#权限apl等级)。
/ohos5.0/docs/zh-cn/application-dev/security/UniversalKeystoreKit/
H A Dhuks-key-attestation-overview.md11 | 系统服务| {processName:"xxx", APL:"system_basic \| system_core"} | APL为[系统服务等级](../../security/Access…
14 > 1. 当调用方为系统服务且APL等级为normal时,暂不支持密钥证明,此种情况下,processName与APL字段将置空。
/ohos5.0/base/security/access_token/
H A DREADME_zh.md16 应用的Accesstoken信息主要包括应用身份标识APPID、用户ID,应用分身索引、应用APL(Ability Privilege Level)等级、应用权限信息等。每个应用的Accesstok…
20 - 提供基于TokenID的Accesstoken信息查询,应用可以根据TokenID查询自身的APL等级等信息。
83 ATM提供了统一的应用权限访问控制功能,支持应用程序或者SA查询校验应用权限、APL等信息。从使用者角度,可以分为基于native进程启动的SA和应用Hap两类使用者。
87 - 在native进程运行过程中,可以通过调用GetNativeTokenInfo、CheckNativeDCap来查验对应进程所具备的token信息,包括分布式能力、APL等级等信息。
91 - 在应用运行过程中,需要进行鉴权等操作时,可调用VerifyAccessToken、GetReqPermissions等函数查询校验应用权限、APL等信息。
H A DREADME.md8 …ntifier (**APPID**), user ID, app twin index, app Ability Privilege Level (APL), and permission in…
12 - Obtaining access token information (for example, APL) based on the token ID.
74 … allows apps or service abilities to obtain and verify app permissions and APL. The ATM APIs can b…
78 … **CheckNativeDCap** to obtain the token information, including the distributed capability and APL.
82 …yAccessToken** or **GetReqPermissions** is called to obtain and verify the app permissions and APL.
/ohos5.0/docs/en/device-dev/subsystems/
H A Dsubsys-security-selinux-sample-domain.md96 1. In the **sehap_contexts** file, define the mappings between the application APL, bundle name and…
98 …For example, the application APL is **normal**, and the bundle name is **com.ohos.permissionmanage…
103 …For details about the APL, see [Application APL](../../application-dev/security/AccessToken/app-pe…
110 …In this example, the application APL is **normal**. The following table lists the reference config…
113 | APL| Application Process Attribute| Application Data Directory Attribute|
H A Dsubsys-security-selinux-checklist.md11 | APL| Application Process Attribute| Application Directory Attribute|
17 For details about the APLs, see [Application APL](../../application-dev/security/AccessToken/app-pe…
21 You need to modify the application SELinux type based on the application APL. For example, the poli…
/ohos5.0/base/security/access_token/interfaces/innerkits/nativetoken/test/unittest/src/
H A Dnativetoken_oper_test.cpp74 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
82 R"({"processName":2,"APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
94 R"(,"APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
224 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
/ohos5.0/base/security/access_token/interfaces/innerkits/nativetoken/test/unittest/mock/
H A Dnativetoken_oper_test.cpp76 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
107 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
138 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
173 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
219 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
/ohos5.0/docs/en/application-dev/security/UniversalKeystoreKit/
H A Dhuks-key-attestation-overview.md11 | System service| {processName:"xxx", APL:"system_basic \| system_core"} | APL is [Ability Privileg…
14 …pported if the caller is a system service with APL of **normal**. In this case, **processName** an…
/ohos5.0/base/security/access_token/services/accesstokenmanager/test/unittest/
H A Dnative_token_receptor_test.cpp97 R"({"processName":"process6","APL":3,"version":1,"tokenId":685266937,"tokenAttr":0,)"\
99 R"({"processName":"process5","APL":3,"version":1,"tokenId":678065606,"tokenAttr":0,)"\
151 …std::string testStr4 = R"([{"processName":"process6", "tokenId":685266937, "APL":3, "version":new}…
155 …std::string testStr5 = R"([{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}])…
160 … R"({"NativeToken":[{"processName":"process6", "tokenId":685266937, "APL":7, "version":1}]})";
164 …std::string testStr7 = R"({"NativeToken":[{"processName":"process6", "tokenId":685266937, "APL":7,…
/ohos5.0/docs/zh-cn/application-dev/security/
H A Dapp-provision-structure.md79 | apl | 表示应用程序的[APL级别](AccessToken/access-token-overview.md),系统预定义的apl包括:normal、system_basic和syste…
109 当开发者新建一个工程时,应用的类型默认为hos_normal_app(普通应用),APL级别默认为normal。
/ohos5.0/foundation/bundlemanager/bundle_framework/services/bundlemgr/test/unittest/bms_install_daemon_test/
H A Dbms_install_daemon_test.cpp57 const std::string APL = "normal"; variable
415 int result = CreateBundleDataDir(BUNDLE_NAME13, USERID, UID, GID, APL);
433 int result = CreateBundleDataDir(BUNDLE_NAME13, USERID, UID, GID, APL);
451 int result = CreateBundleDataDir("", USERID, UID, GID, APL);
465 int result = CreateBundleDataDir(BUNDLE_NAME13, USERID, -1, GID, APL);
479 int result = CreateBundleDataDir(BUNDLE_NAME13, USERID, UID, -1, APL);
493 int result = CreateBundleDataDir("", USERID, UID, GID, APL);
507 int result = CreateBundleDataDir(BUNDLE_NAME13, USERID, UID, GID, APL);
565 createDirParam.apl = APL;
/ohos5.0/foundation/bundlemanager/bundle_framework/services/bundlemgr/test/unittest/bms_installd_client_test/
H A Dbms_installd_client_test.cpp40 const std::string APL = "apl"; variable
360 createDirParam.apl = APL;
380 createDirParam.apl = APL;
400 createDirParam.apl = APL;
420 createDirParam.apl = APL;
440 createDirParam.apl = APL;
637 std::string apl = APL;
653 std::string apl = APL;
685 std::string apl = APL;
/ohos5.0/docs/en/application-dev/reference/apis-ability-kit/
H A Djs-apis-appDomainVerify-sys.md17 | Permission | APL | Description |
21 For details about the APL, see [Basic Concepts in the Permission Mechanism](../../security/AccessTo…
H A Djs-apis-Bundle-distributedBundle-sys.md23 | Permission | APL | Description |
27 For details about the APL, see [Basic Concepts in the Permission Mechanism](../../security/AccessTo…

123