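# Draft [Capabilities] section for activity.info.
#
# Layout: one key per line, `key=value`, full-line `#` comments only. The
# original draft carried trailing `# note` comments on value lines; Python 3
# configparser's default inline_comment_prefixes is None, so `net=1 # ...`
# would have parsed as the string "1 # ...". Comments now sit above their key.
# NOTE(review): activity.info looks like it is read through configparser --
# confirm against the actual loader before relying on that parser's semantics.
#
# There are several protections which cannot be modified by the installer.
#   P_BIOS_CORE -- we sign bios with dev key; firmware checks
#   P_BIOS_COPY -- not our problem
#   P_SF_CORE   -- may be turned off with dev key.
#   P_SF_RUN    -- What, exactly, does "system files" refer to?
#
# NOTE(review): this file only *requests* capabilities. The enforcing side
# should treat an absent key as 0 (deny) and reject non-integer or negative
# limit values instead of falling back to "allow" -- confirm that behaviour.

[Capabilities]

# over-all net access; (1, 0)
net=1
# token bucket depth; tokens
net.limits.burst=10
# token bucket refill rate; tokens / sec
net.limits.steady=2
# connections
net.limits.connections=5
# There are several network options that we don't know how or why to implement
# at the moment
# total throughput megabytes
#net.limits.quota=3.5
# some firewall rules, TBD
#net.firewall=???
#net.access_rules.times=
# allow us to bind on port 53
#net.ports.53.bind=1

# tokens
nand.limits.burst=1
# tokens / sec
nand.limits.steady=1
# mb
nand.limits.quota=0

# timed capabilities? (all boolean flags allowing capability request)
# boolean flags
microphone=1
microphone.analog=0
camera=1
# -- can these be turned off?

# tokens
cpu.limits.burst=100
# tokens/sec
cpu.limits.steady=50

# P_RTC -- is this a configurable flag?
# we want to play sounds in the background
dsp.bg=1
# synthetic X events
x=0
# we don't need full disk access
fs.full=0
# or usb access
usb=0
# or SD access
sd=0

# As Noah notes, we're *going* to need an async-notification scheme.
# That can be spammed, so it needs a permission.
# Likewise for a search service.
# P_IDENT   -- any permissions?
# P_SANDBOX -- no permissions ATM; eventual fine-grained library & binary inclusion

# boolean flag
document=0
# mime-type
document.read_only=
# tokens
document.limits.burst=0
# tokens/sec
document.limits.steady=0
# P_DOCUMENT_BACKUP -- no permissions
# P_THEFT           -- no permissions
# P_SERVER_AUTH     -- no permissions... (depends on P_NET?)
# P_PASSWORD        -- no permissions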