To gather the information about what websites the user visits you dont even to read these files. Browser history is open to all the applications, i think it can be read by a query on a browser database.
On Fri, May 15, 2009 at 6:27 AM, Aubrey-Derrick Schmidt < [email protected]> wrote: > > Hi, > > we discovered the same issue. Being able to violate the permission is > definitely concerning. > > BR, > Aubrey > > [email protected] wrote: > > Hi All, > > > > Whilst experimenting with naive apps etc I realized that there are no > > restrictions on reading /proc or /sys/. From /sys/class/power_supply/ > > battery/capacity I can get the amount of charge because all users have > > read permission. > > > > ls -l /sys/class/power_supply/battery/capacity > > -r--r--r-- root root 4096 2008-11-21 23:05 capacity > > > > Whilst this is not a direct security threat it appears this should be > > prohibited by android.permission.BATTERY_STATS. i.e. It's a violation > > of the permission system. > > > > Also being able to gather information from /proc/net it appears that > > some read aspects of android.permission.ACCESS_NETWORK_STATE and > > android.permission.ACCESS_WIFI_STATE are being violated. > > > > $ ls -l /proc/net/tcp > > -r--r--r-- root root 0 2008-11-23 13:16 tcp > > $ cat /proc/net/tcp > > sl local_address rem_address st tx_queue rx_queue tr tm->when > > retrnsmt uid timeout > > inode > > 0: 6900A8C0:887C 0100A8C0:0050 > > 1: 6900A8C0:DD8F 0100A8C0:0050 > > 2: 6900A8C0:ACFB 0100A8C0:0050 > > 3: 6900A8C0:C734 0100A8C0:0050 > > where c0 = 192, a8 = 198, 00 = 0, 01 = 1. and 50 = tcp port 80. > > > > $ cat /proc/net/dev > > tiwlan0: 366602 314 0 0 0 0 0 0 > > 28948 339 (WiFi enabled) > > rmnet0: 67757 168 0 0 0 0 0 0 > > 128781 193 (GPRS enabled) > > > > If I wrote a service with android.permission.RECEIVE_BOOT_COMPLETED > > and android.permission.INTERNET I could continually monitor /proc > > these and gather information about what sites a user visits, without > > permission, and then export the info using the internet. Obviously > > this is not a huge security threat, but I think there are some issues > > here. > > > > What do you think? > > > > Chris > > > > >
