On 11/22/2013 01:52 PM, Severin Friede wrote: > Ok I am totally new to this topic, so I'm sorry for any misleadings. > It is not important to me if my app is writing to an external sdcard. That > was just an idea. > My problem is that I dont know how to configure a policy that disallows one > app to write to files created by another app.
(restored cc line) Our default policy specifies levelFrom=app in external/sepolicy/seapp_contexts for untrusted apps (third party apps). That will assign a unique category set to each such third party app and will automatically isolate their internal storage files (under /data/data/<packagename>) from one another even if DAC permissions would permit access. Just install some third party apps and use ps -Z to see that they have a category set in their context and ls -Z /data/data/<packagename> to see that its files are labeled with the same category set. Then you can have one app create a file and make it world-readable and/or writable, and show that the other app cannot access that file (and you'll get an avc denial in the audit.log). Note that this is only true of our policy; the AOSP policy does not apply this separation as it could break compatibility for existing apps. -- This message was distributed to subscribers of the seandroid-list mailing list. If you no longer wish to subscribe, send mail to [email protected] with the words "unsubscribe seandroid-list" without quotes as the message.
