Hi,

I have a couple of questions w.r.t. SEAndroid and Android apps, but before that I will explain a little:

Android apps are signed with a key depending upon the app's category, i.e. platform app, system app, and so on. Depending upon that, the app is assigned a seinfo tag, which is used by zygote to assign a context to the app. Now, if there is a vulnerability by which an application can be installed as system, a rogue app would be assigned seinfo as system or platform. Hence the rogue app can execute all privileged operations. This is possible because if a user updates a privileged app from Google Play or some other OEM-provided store, the app would be installed in /data.

First Q: Is my above understanding correct?

Second Q: If yes, how can we mitigate this vulnerability?

Third Q: Is it possible that someone can replace the certificates that are used to verify the platform apps? If yes, a rogue person can replace the verifying certs and install the modified apps, which would get the required permissions to execute privileged operations.

Thanks,
Dinesh
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to [email protected].
