Thank you Stephen. Thanks to your reply we were able to re-implement the functionality that was removed by the patch and evaluate it in the scenario we are looking at. It works nicely and solves our security loophole, although we are aware of the stability problem that will arise if the binder's owning process dies. Since we believe we have a good reason for needing to know the binder pedigree with respect to transfers, we will try to propose a fix for the problem that led to removal of the functionality.
Paul Ratazzi

________________________________________
From: Stephen Smalley <[email protected]>
Sent: Friday, February 27, 2015 12:46 PM
To: E. Paul Ratazzi; [email protected]
Subject: Re: Preventing Transfer of Binder Handles

[...]

Second, the SELinux binder_transfer_binder hook and binder transfer permission originally supported the scenario you describe but we had to change it, see:
http://marc.info/?t=137438440700037&r=1&w=2

[...]
