1) The SEAdmin app does not have a facility to set Intent MAC to enforcing as it was previously done in the Manager app. It can be set by using "setprop persist.mac_enforcing_mode 1"
2) I had the same issue as Mike (see http://article.gmane.org/gmane.comp.security.seandroid/430/match=intent_mac) in that I had to add additional info to intent_mac.xml for handling <data scheme=... entries as well as <data mimeType=... and extend IntentMAC.java to handle them otherwise IntentFilter.NO_MATCH_DATA was returned. I did use the <allow-all> to allow all specific apps intents though, for example: <allow name="contacts_to_phone" src="com.android.contacts" dst="com.android.phone"/> <allow name="phone_to_contacts" src="com.android.phone" dst="com.android.contacts"/> The code I modified/added to IntentMAC.java - readFilter(): String tagName = parser.getName(); if ("action".equalsIgnoreCase(tagName)) { if (filter.countActions() != 0) { throw new NullPointerException("Cannot filter on multiple actions"); } String value = parser.getAttributeValue(null, "name"); if (value == null || value == "") { throw new NullPointerException("Empty action:name attribute"); } filter.addAction(value); } else if ("category".equalsIgnoreCase(tagName)) { String value = parser.getAttributeValue(null, "name"); if (value == null || value == "") { throw new NullPointerException("Empty category:name attribute"); } filter.addCategory(value); } else if ("data".equalsIgnoreCase(tagName)) { int attributeCount = parser.getAttributeCount(); if (attributeCount > 1) { throw new XmlPullParserException("Too many data attributes"); } String name = parser.getAttributeName(0); if ("scheme".equalsIgnoreCase(name)) { String value = parser.getAttributeValue(null, "scheme"); if (value == null || value == "") { throw new NullPointerException("Empty data:scheme attribute"); } filter.addDataScheme(value); } else if ("mimeType".equalsIgnoreCase(name)) { String value = parser.getAttributeValue(null, "mimeType"); if (value == null || value == "") { throw new NullPointerException("Empty data:mimeType attribute"); } try { filter.addDataType(value); } catch (IntentFilter.MalformedMimeTypeException e) { Slog.w(TAG, "Malformed mimeType"); } } } XmlUtils.skipCurrentTag(parser); } Richard -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to [email protected] with the words "unsubscribe seandroid-list" without quotes as the message.
