Changing data labels, especially MLS, was a pain in the ass. In fact, I got the privilege of writing a letter to VZW when I dropped MLS and had to have all the field users wipe their data partition. This is where a smart relabeling service is needed.
On Wed, Aug 21, 2013 at 7:36 AM, Joshua Brindle <brin...@quarksecurity.com> wrote:
> Joshua Brindle wrote:
> <snip>
>
>> If we decide that it isn't supported then it has a fairly large impact
>> on the utility of policy reloading, I think. Right now switching from
>> e.g., a Samsung policy to an AOSP policy is difficult because of the
>> divergence of types. They'll either be unlabeled during boot or the new
>> policy will have to alias every type that is different in the new policy.
>
> Thinking about this more, it isn't just /system. Aside from just
> file_contexts changes, if I push a new seapp_contexts that changes, e.g.,
> levelFrom=none to levelFrom=user on a running device bad things will start
> to happen. We don't currently have a facility to relabel /data/data
> directories so the user is probably going to have to wipe, which will get
> rid of the custom policy and start the problem all over again.
>
> For now OTA can sort of fix this but having something more robust for
> changing policies at runtime would be much more desirable. Is it possible
> to do something like encryption where apps are killed off, the partitions
> are relabeled and then init is rerun?

--
Respectfully,
William C Roberts
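To illustrate the relabeling gap the thread describes (a seapp_contexts change from levelFrom=none to levelFrom=user leaves every existing /data/data directory carrying a stale label), here is an added example, not code from the list or from Android, that computes a relabel plan from constructed directory entries. The level encoding in expected_ctx is a deliberately simplified assumption, not the real libselinux algorithm; only the effect matters here: the expected label changes with the policy while the label on disk does not.

```python
"""Added example: find /data/data directories whose on-disk SELinux label no
longer matches what a changed seapp_contexts setting would assign them."""
from dataclasses import dataclass


@dataclass(frozen=True)
class AppDir:
    path: str
    uid: int          # Android app uid = user_id * 100000 + app_id
    current_ctx: str  # label currently on disk (constructed sample value)


def expected_ctx(uid: int, level_from: str) -> str:
    """Assumed, simplified mapping for the seapp_contexts levelFrom key:
    levelFrom=none gives a plain s0 level, levelFrom=user appends one
    category derived from the Android user id. The real libselinux encoding
    differs; this only models 'the label depends on the policy setting'."""
    user_id = uid // 100000
    base = "u:object_r:app_data_file:s0"
    if level_from == "none":
        return base
    if level_from == "user":
        return f"{base}:c{user_id}"
    raise ValueError(f"unsupported levelFrom={level_from}")


def relabel_plan(dirs, level_from: str):
    """Return (path, current, expected) for every directory whose label would
    be wrong under the given levelFrom setting: exactly the set a relabeling
    service would have to fix, and the set that otherwise forces a data wipe."""
    plan = []
    for d in dirs:
        want = expected_ctx(d.uid, level_from)
        if d.current_ctx != want:
            plan.append((d.path, d.current_ctx, want))
    return plan


# Constructed sample: directories labeled by the old levelFrom=none policy.
SAMPLE_DIRS = [
    AppDir("/data/data/com.example.mail", 10045, "u:object_r:app_data_file:s0"),
    AppDir("/data/user/10/com.example.mail", 1010045, "u:object_r:app_data_file:s0"),
    AppDir("/data/data/com.example.notes", 10046, "u:object_r:app_data_file:s0"),
]

if __name__ == "__main__":
    # Pushing levelFrom=user without relabeling: every sample dir is now stale.
    for path, cur, want in relabel_plan(SAMPLE_DIRS, "user"):
        print(f"{path}: {cur} -> {want}")
```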