On 02/21/2015 08:19 PM, William Roberts wrote: > 1. why is /system/bin/install-recovery.sh using an explicit seclabel in > service as well as a type transition rule? I see others doing this as well.
Probably just to ensure that even if someone is able to modify the /system partition and drop their own install-recovery.sh script, it won't run in the init domain. Although that would now be blocked by policy in AOSP master since init is no longer allowed to execute anything without changing domains. I would think it could be dropped. seclabel is only needed for programs in the rootfs and for sh commands (if not placed into their own script file under /system/bin). > Whats the current state of CTS for SELinux, Is it still the: > 1. runtime domain checks > 2. all domans enforcing check > 3. No booleans check > 4. neverallow tests > > is it all contained in these files or is something else I am missing: > ./hostsidetests/security/src/android/cts/security/SELinuxHostTest.java > ./tests/tests/security/src/android/security/cts/SELinuxTest.java > ./tests/tests/security/jni/android_security_cts_SELinuxTest.cpp > ./tools/selinux > ./tools/selinux/SELinuxNeverallowTestGen.py > ./tools/selinux/SELinuxNeverallowTestFrame.py Yes, I believe that is correct. Most of the tests have been moved to SELinuxHostTest, which is run on the build/test host and uses adb to pull files or run commands on the device. This is to avoid the need to allow untrusted_app to directly perform various actions like reading the policy or reading all /proc/pid directories. I have listed some suggestions for improvements to the testing on the wiki under Testing, https://bitbucket.org/seandroid/wiki/wiki/ToDo _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
