Great :) Thank you for the explanation.

Kind regards,
Paul

On Fri, Feb 27, 2015 at 4:28 PM, Stephen Smalley <[email protected]> wrote:
> On 02/27/2015 09:04 AM, P S wrote:
>> Hello,
>>
>> This might be an easy question but I can't seem to find a clear answer
>> anywhere. Apologies if this isn't the right mailing list to ask these
>> kinds of things and thank you for your time. :)
>> -----------------------------------
>> The scenario is as follows:
>>
>> I have a third party app (aka not a system app so just installed by a
>> user/marketplace service) called MyApp.
>>
>> Inside MyApp I have some jni bindings that call native C code. This
>> native C code starts two processes (let's call them ProcessA and
>> ProcessB). From that point on the jni bindings communicate with
>> ProcessA only. ProcessB in the meantime forks and now has 1-3 child
>> processes. ProcessB acts like a manager for those processes and is
>> their parent.
>> The IPC in both cases (between processA <-> processB and between
>> processB <-> children) is done via Unix Sockets. This works fine with
>> glibc and on *nix OSes without SELinux.
>>
>> My question is: would the default SELinux policy used in most devices
>> cause problems with the usage of unix sockets for IPC? I know that
>> using the native binders provided by bionic is preferred for IPC but
>> it would be pretty costly to reimplement it again in my app.
>>
>> If it's not feasible by default what kind of changes would be
>> necessary to make it work?
>
> Relevant rules in external/sepolicy:
>
> domain.te:
> allow domain self:unix_dgram_socket { create_socket_perms sendto };
> allow domain self:unix_stream_socket { create_stream_socket_perms connectto };
>
> (In English, all domains are allowed to create Unix sockets and
> send/connect to processes within the same domain)
>
> app.te:
> allow { appdomain -isolated_app } app_data_file:notdevfile_class_set create_file_perms;
>
> (In English, all app domains are allowed to create, read, write, ...
> files of any kind other than device files in their /data/data/<pkgdir>
> directory, including socket files.)
>
> So Unix socket IPC is fully supported within a domain (which covers not
> only your case of a single app but even multiple third party apps, as
> they all run in a single domain, untrusted_app).
>
> Where you may run afoul of SELinux is if you try to perform such IPC
> across apps running for different users on a device set up for
> multi-user support. But that is only presently restricted in AOSP
> master, not in 5.x.
_______________________________________________
Seandroid-list mailing list
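
The pattern discussed in the quoted reply, as an added example that is not part of the thread: native code binds a Unix stream socket file in a directory it owns, forks a child that connects to it, and compares the two processes' security contexts read from `/proc/self/attr/current`. The function names, the `ipc.sock` file name and the `/tmp` default are assumptions made for illustration; on Android the directory would be the app's own `/data/data/<pkgdir>` directory.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/wait.h>

/* Added example (not from the thread); function names and ipc.sock are made up.
 * Reads this process's security context, or "unknown" where none is exposed. */
static void own_context(char *buf, size_t len) {
    FILE *f = fopen("/proc/self/attr/current", "r");
    size_t n = f ? fread(buf, 1, len - 1, f) : 0;
    if (f) fclose(f);
    buf[n] = '\0';
    buf[strcspn(buf, "\n")] = '\0';
    if (buf[0] == '\0') snprintf(buf, len, "unknown");
}

/* Bind <dir>/ipc.sock, fork a child that connects and sends its context.
 * Returns 0 if the peer's context equals ours, 1 if it differs, -1 on error. */
int same_domain_roundtrip(const char *dir) {
    struct sockaddr_un addr = { .sun_family = AF_UNIX };
    char mine[256], peer[256] = "";
    if (snprintf(addr.sun_path, sizeof addr.sun_path, "%s/ipc.sock", dir)
            >= (int)sizeof addr.sun_path) return -1;    /* path too long */
    unlink(addr.sun_path);                               /* stale socket file */
    int srv = socket(AF_UNIX, SOCK_STREAM, 0);           /* socket "create" */
    if (srv < 0) return -1;
    if (bind(srv, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(srv, 1) < 0) {
        close(srv); return -1;            /* e.g. dir missing or not writable */
    }
    pid_t pid = fork();
    if (pid == 0) {                                      /* child: the client */
        int c = socket(AF_UNIX, SOCK_STREAM, 0);
        if (c < 0 || connect(c, (struct sockaddr *)&addr, sizeof addr) < 0) _exit(1);
        own_context(mine, sizeof mine);                  /* "connectto" worked */
        _exit(write(c, mine, strlen(mine)) < 0);
    }
    int conn = pid > 0 ? accept(srv, NULL, NULL) : -1;
    ssize_t n = conn < 0 ? -1 : read(conn, peer, sizeof peer - 1);
    if (conn >= 0) close(conn);
    close(srv); unlink(addr.sun_path);
    if (pid > 0) waitpid(pid, NULL, 0);
    own_context(mine, sizeof mine);
    return n <= 0 ? -1 : (strcmp(mine, peer) == 0 ? 0 : 1);
}

int main(int argc, char **argv) {
    return same_domain_roundtrip(argc > 1 ? argv[1] : "/tmp") != 0;
}
```

A forked child inherits its parent's context unless policy defines a transition, so a return value of 0 corresponds to the same-domain case the reply describes; on an enforcing system a denied `bind` or `connect` shows up here as -1.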
