We've just released a typing system, called MMAC Types, and an implementation of MAC on Intent delivery, called Intent MAC, as well as a sample policy that demonstrates this new feature.

The protection method and code released today are highly experimental, and you can expect them to change a lot. We hope this gives the community a concrete example to refer to when discussing runtime Middleware MAC mechanisms.

Overview:

MMAC Types assigns strings, called types, to packages when a package meets some required combination of a specified signature, permission, and/or package name. A package can have multiple types, which is a key difference from SELinux types. This design may change in the near future, and we would welcome discussion of the advantages and limitations it imposes.

The best way to understand MMAC Types is to look at these files:
* the policy, in external/sepolicy/mmac_types.xml
* MMACtypes.java in frameworks/base

Intent MAC supports a whitelist of Intents together with the types of their sources and destinations. Currently, we only protect delivery of Intents to Activities, Broadcast Receivers, and Services; Content Providers are not yet protected. We support filtering of Intents at action-string granularity; the data and category fields are a TODO.

The best way to understand Intent MAC is to look at these files:
* the policy, in external/sepolicy/intent_mac.xml
* IntentMAC.java in frameworks/base
* filterResolveInfoListByPolicy() in PackageManagerService.java in frameworks/base
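To make the two mechanisms above concrete (type assignment from signature/permission/package-name combinations, and whitelist filtering of Intent delivery by action string and source/destination types), here is a small Python model of the policy semantics. It is an added illustration, not code from the intent_mac branches or the XML policy format; the rule and whitelist shapes, package names, and certificate identifiers are all constructed.

```python
from dataclasses import dataclass
from typing import FrozenSet, List, Optional

@dataclass(frozen=True)
class Package:
    name: str
    signer: str                  # signing-cert fingerprint (constructed value)
    permissions: FrozenSet[str]  # permissions granted to the package

@dataclass(frozen=True)
class TypeRule:
    """Grants type_name when every condition that is set holds for the package."""
    type_name: str
    signer: Optional[str] = None
    permission: Optional[str] = None
    package_name: Optional[str] = None

    def matches(self, pkg: Package) -> bool:
        return ((self.signer is None or pkg.signer == self.signer)
                and (self.permission is None or self.permission in pkg.permissions)
                and (self.package_name is None or pkg.name == self.package_name))

def assign_types(pkg: Package, rules: List[TypeRule]) -> FrozenSet[str]:
    # A package may carry several types at once, unlike an SELinux type.
    return frozenset(r.type_name for r in rules if r.matches(pkg))

def filter_by_policy(action, src, candidates, rules, whitelist):
    """Keep only the candidate components some whitelist row (action, source
    type, destination type) allows; anything else is dropped (default deny).
    Only the action string is matched, as data/category are not yet filtered."""
    src_types = assign_types(src, rules)
    return [c for c in candidates
            if any(a == action and s in src_types and d in assign_types(c, rules)
                   for a, s, d in whitelist)]

# Constructed sample policy and packages (hypothetical names and cert ids).
SMS = "android.permission.SEND_SMS"
RULES = [
    TypeRule("platform_app", signer="PLATFORM_CERT"),
    TypeRule("trusted_sms", signer="PLATFORM_CERT", permission=SMS),
    TypeRule("dialer_app", package_name="com.example.dialer"),
]
WHITELIST = [("android.intent.action.SENDTO", "dialer_app", "trusted_sms")]
DIALER = Package("com.example.dialer", "PLATFORM_CERT", frozenset())
MESSAGING = Package("com.example.messaging", "PLATFORM_CERT", frozenset({SMS}))
OTHER = Package("com.thirdparty.app", "THIRD_PARTY_CERT", frozenset({SMS}))

def deliverable(action: str, src: Package, candidates: List[Package]) -> List[str]:
    """Names of the candidates that would survive filtering for this intent."""
    return [p.name for p in filter_by_policy(action, src, candidates, RULES, WHITELIST)]
```

Note that a third-party package holding SEND_SMS never gets the `trusted_sms` type, because that rule requires the permission in combination with the platform signature, so it is filtered out as a destination even though the permission alone would have let it receive the Intent.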

Development:

The changes can be found on various projects' intent_mac branches. The local_manifest.xml you should use to check this stuff out is available on the intent_mac branch of the manifests project on bitbucket.

As always, if you have any questions or comments, please do not hesitate to email [email protected].

--
This message was distributed to subscribers of the seandroid-list mailing list.