All,
On my user/user debug loads, adb shell user can run ps command without any
audit message.
shell@android:/ $ id
uid=2000(shell) gid=2000(shell)
groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),2001(cache),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats)
context=u:r:shell:s0
However, on my eng loads, a ps command generate a lot of audit message about
sys_ptrace
audit(1400521005.486:189): avc: denied { sys_ptrace } for pid=3624 comm="ps"
capability=19 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability
audit(1400521005.486:190): avc: denied { sys_ptrace } for pid=3624 comm="ps"
capability=19 scontext=u:r:shell:s0 tcontext=u:r:shell:s0 tclass=capability
root@android:/ # id
uid=0(root) gid=0(root) context=u:r:shell:s0
We don’t have boolean and I grep for sys_ptrace and don’t see any rule,
including dontaudit, for shell domain.
So, what can cause different result between eng build and user/user debug build?
Thanks,
Tai
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
