Tizen provides API-level access control for security-sensitive operations which, if not used correctly, can harm user privacy and system stability. Therefore, applications that use such sensitive APIs must declare the required privileges in the config.xml (in Web applications) or manifest.xml (in native applications) file.
If an application invokes a privileged API, the Tizen system checks whether the privilege is present in the config.xml or manifest.xml file. If the privilege is not present in either file, the system prohibits the application execution.
The Tizen IDE also provides privilege checker tools to check whether the Tizen application source code contains any privilege violations. For more information, see:
Privileges are categorized into 3 levels based on their security impact:
These privileges are open to all Tizen application developers.
The partner level privileges can only be used by developers registered as partners on the Tizen store.
The developer must be fully identified and permitted by the partner policy of the Tizen Store to use both public and partner level privileges.
The platform level privileges are used in security-sensitive system APIs for managing the Tizen platform.