Thanks Joshua. This is quite interesting: "... If permissive, you are compliant. Enforcing is explicitly not compliant in Android 4.3....".
So, to be compliant with the CDD one must operate in permissive (audit) mode. Jeff On Thu, Aug 1, 2013 at 11:44 PM, Joshua Brindle <brin...@quarksecurity.com> wrote: > Jeffrey Walton wrote: >> >> Thanks David, >> >> I see there was a discussion under "Android sandbox reinforced with >> SELinux." Would the folks at viaForensics know the details (i.e., in >> Enforcing mode)? Or will it be up to the OEM and/or carrier (perhaps >> Permissive or Disabled mode; or perhaps completely removed)? >> > > For 4.3 onward SELinux is required by the CDD, albeit in permissive mode > initially: > > https://source.android.com/devices/tech/security/se-linux.html -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to android-security-discuss+unsubscr...@googlegroups.com. To post to this group, send email to android-security-discuss@googlegroups.com. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
