Preventing untrusted_app domain from accessing database

[Datta, Souvik]

Hi,

I am running on Android 4.4.4 and have two processes. The security context of 
both the processes are :-

com.example.contentproviderexample having security context --> 
u:r:hm_phonebookaccess_app:s0  
com.example.contentprovideruser having security context --> 
u:r:untrusted_app:s0           


com.example.contentproviderexample is a content provider and the database which 
has security context as - 

mydb --> u:object_r:hm_phonebookaccess_data_file:s0 
mydb-journal --> u:object_r:hm_phonebookaccess_data_file:s0 

The above security context has been set using following rule - 

type hm_phonebookaccess_app, domain;
app_domain(hm_phonebookaccess_app)
allow hm_phonebookaccess_app dalvikcache_data_file:file { write setattr };
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:file { read getattr 
open };
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:dir setattr;
allow hm_phonebookaccess_app zygote:unix_stream_socket { getopt getattr };
allow hm_phonebookaccess_app apk_data_file:dir getattr;
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:dir { write create 
add_name };
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:file { write create 
setattr };
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:dir search;
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:dir { read open };
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:file lock;
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:dir remove_name;
allow hm_phonebookaccess_app hm_phonebookaccess_data_file:file unlink;
allow installd hm_phonebookaccess_data_file:lnk_file create;


At run time, I am making setenforce as 1. 

My aim is to prevent any process which belongs to domain-->untrusted_app from 
accessing the database which belongs to the domain-u:r:hm_phonebookaccess_app:s0

NOTE: The content provider is exported as true.

In the seapp_contexts, following entry has been made :-

user=_app domain=hm_phonebookaccess_app  
name=com.example.contentproviderexample  type=hm_phonebookaccess_data_file

My observation is that in enforcement mode, the process 
"com.example.contentprovideruser" is able to access the database.

Is there any way I can prevent "untrusted_app" domain from accessing that 
database? 

Thanks and Regards,
Souvik
_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.