On Tuesday, August 2, 2011 4:12:02 AM UTC-4, patrick Immling wrote:

> And the way to break down the Android is to rip through the security barrier
> by means of a privilege escalation.

That's the part that's supposed to be hard. Deploying and executing arbitrary unprivileged code isn't supposed to be hard. If there's a way for unprivileged code to become privileged, that's the problem that needs to be addressed, and generally is shortly after such a way is found.

> So I still miss the fact about how such native exploits like what I have
> done here (you know, manually doing an adb push my exploit binary etc), get
> distributed?

Applications can write out native executables in their private files area and execute them. This is generally a good thing, as it means that Android is preserving some of the flexibility of the hardware and underlying operating system on which it is built. Many exploits would not depend on being launched in a new process anyway, and could be run in NDK library code called via JNI - which is a key capability on which not just 3rd party apps, but pieces of the Android platform interface run within the processes (and thus under the credentials) of 3rd party apps depend.

> And how is the Android community preventing this?

As a lot of Android devices are unfortunately sold locked down in a way that restricts their utility to end users, "the community" has a variety of feelings about it. Nobody wants security holes on their device for someone else to exploit, but many people, if purchasing a device that came locked down, want a security hole to exist long enough for them to gain full ownership control of it, so that they can install something that not only makes the device more useful, but also patches that hole (potentially faster than an official upgrade - which may or may not ever be offered for that device).

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To view this discussion on the web visit https://groups.google.com/d/msg/android-security-discuss/-/oluRpsVRKQ0J.
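
The reply notes that apps can write native executables into their private files area and that native code also runs as NDK libraries loaded via JNI. The following is an added example, not part of the original thread: a defender-side audit that walks a copy of an app's private data directory and reports every ELF file, its type, and whether it sits outside the installer-managed `lib/` directory. The `lib/` and `files/` layout is an assumption, and the sample tree and file names are constructed.

```python
import os
import stat
import struct
import tempfile

ELF_TYPES = {2: "ET_EXEC", 3: "ET_DYN"}  # executable; shared object or PIE

def elf_type(path):
    """Return 'ET_EXEC', 'ET_DYN', 'ELF-other', or None if the file is not ELF."""
    with open(path, "rb") as f:
        hdr = f.read(18)
    if len(hdr) < 18 or hdr[:4] != b"\x7fELF":
        return None
    # e_ident[5] (EI_DATA): 1 = little-endian, 2 = big-endian; e_type is at offset 16
    fmt = "<H" if hdr[5] == 1 else ">H"
    return ELF_TYPES.get(struct.unpack(fmt, hdr[16:18])[0], "ELF-other")

def audit_private_dir(root):
    """List (relative path, ELF type, has exec bit, under lib/) for each ELF file."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if not stat.S_ISREG(st.st_mode):
                continue  # skip symlinks, sockets, etc.
            kind = elf_type(path)
            if kind is None:
                continue
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            findings.append((rel, kind, bool(st.st_mode & 0o111), rel.startswith("lib/")))
    return sorted(findings)

def build_sample(root):
    """Create a constructed sample tree (minimal ELF headers, not real binaries)."""
    def put(rel, data, mode):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as f:
            f.write(data)
        os.chmod(path, mode)
    ident = b"\x7fELF" + bytes([1, 1, 1]) + b"\0" * 9  # 16-byte e_ident, little-endian
    put("lib/libfoo.so", ident + struct.pack("<H", 3), 0o644)
    put("files/helper", ident + struct.pack("<H", 2), 0o755)
    put("files/notes.txt", b"hello\n", 0o644)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        build_sample(d)
        for row in audit_private_dir(d):
            print(row)
```

An ELF file with the execute bit set outside `lib/` was written by the app at runtime rather than unpacked by the package installer, which makes it the entry worth reviewing first.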