So, just to sum up: SEAndroid can only help in case there's a direct binder between two processes?
Which is less common, if I understand correctly.

On Tue, 29 Sep 2015 at 04:09 William Roberts <[email protected]> wrote:

> On Sep 28, 2015 8:10 AM, "Tal Palant" <[email protected]> wrote:
> >
> > Thanks for the detailed answer.
> >
> > A follow-up question: if, for instance, an intent is used, it means that the
> > communication is done using a system process, and you mentioned that
> > SEAndroid works on the process level. Can SEAndroid also control the system
> > process? Can SEAndroid control IPC in this case? Or can SEAndroid only
> > control when the communication is direct between two processes?
>
> Intents are sent from one process through the system server process and
> delivered to another process. So you would need to cut off binder access to
> the system server; however, this is not feasible. Applications will not work
> without binder access to system server.
>
> You need to make activity manager service (AMS), which runs inside of the
> system server process, smart enough to control intents. AMS is already
> smart enough to check against Android permissions; you could also add logic
> to check other things. IIRC the Intent MAC branch out of the seandroid project
> has support for intent controls.
>
> >
> > On Mon, Aug 31, 2015 at 1:29 AM, William Roberts <[email protected]> wrote:
> >>
> >> On Aug 29, 2015 9:17 AM, "Tal Palant" <[email protected]> wrote:
> >> >
> >> > Hi,
> >> >
> >> > I have a question regarding the usage of SEAndroid on the binder class.
> >> >
> >> > Can it be used to control which applications access other applications' components?
> >>
> >> Yes and no. It controls access at the process level. If N components run in a
> >> process, then you grant to N components.
> >>
> >> > Is all Android IPC communication done using binder? Are there other ways?
> >>
> >> Unix domain sockets are prevalent. See installd or property service as an
> >> example. Also, intents and broadcasts count as IPC that is built on top of
> >> binder. Think of binder as an IPC primitive.
> >>
> >> > Is the communication not done directly, like using the system or something?
> >>
> >> Binder is direct between processes. Intents and broadcasts are middle-manned
> >> by system server.
> >>
> >> > In this case the rules on the binder can't prevent communication between
> >> > applications' components?
> >>
> >> If you name components you can use mac_permissions.xml and seapp_contexts to
> >> isolate components. IIRC. I don't do a whole lot this high up in the stack.
> >>
> >> > Thanks.
> >> >
> >> > _______________________________________________
> >> > Seandroid-list mailing list
> >> > [email protected]
> >> > To unsubscribe, send email to [email protected].
> >> > To get help, send an email containing "help" to [email protected].
> >
> >
> > --
> > טל פולו פלנט
> > (Because there is only one name like that)
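As an added illustration of the mechanism William describes (this is not code from the thread or from the SEAndroid project), here is the shape of the three pieces that decide what a binder rule can and cannot express: the certificate-to-seinfo mapping in mac_permissions.xml, the seinfo-to-domain mapping in seapp_contexts, and the binder allow rules in the policy itself. The package `com.example.partner`, the `partner` seinfo, the `partner_app` domain and the file `partner_app.te` are hypothetical names chosen for the example; the `binder_call` expansion shown in the comment is written from memory of the AOSP macro of that era and may differ in detail from a given policy version.

```text
# --- mac_permissions.xml (hypothetical excerpt) ---
# Maps a signing certificate, optionally narrowed to one package name, to an
# seinfo tag. Anything not matched falls through to <default>.
<?xml version="1.0" encoding="utf-8"?>
<policy>
  <signer signature="@PLATFORM">
    <!-- this one package gets its own seinfo; other platform-signed apps get "platform" -->
    <package name="com.example.partner">
      <seinfo value="partner"/>
    </package>
    <seinfo value="platform"/>
  </signer>
  <default>
    <seinfo value="default"/>
  </default>
</policy>

# --- seapp_contexts (hypothetical excerpt) ---
# Turns (uid class, seinfo, package name) into the process domain and the
# label of the app's data directory. More specific entries take precedence,
# and an entry that uses name= must also pin seinfo= so the name cannot be
# claimed by an app signed with a different certificate.
user=_app seinfo=partner name=com.example.partner domain=partner_app type=app_data_file levelFrom=user
user=_app seinfo=platform domain=platform_app type=app_data_file levelFrom=user
user=_app domain=untrusted_app type=app_data_file levelFrom=user

# --- partner_app.te (hypothetical) ---
# The domain is per process: every component of com.example.partner, its
# activities, services and receivers alike, runs as partner_app and shares
# exactly these rules. There is no way to grant one component and deny another.
type partner_app, domain;
app_domain(partner_app)

# Direct binder: an app domain that obtains a binder handle to a service in
# partner_app needs a rule like this. Without it the transaction fails in the
# kernel and logs "avc: denied { call } ... tclass=binder".
binder_call(untrusted_app, partner_app)

# binder_call(client, server) expands to roughly:
#   allow client server:binder { call transfer };
#   allow server client:binder transfer;
#   allow client server:fd use;

# Intents and broadcasts are different: the sender only ever talks binder to
# system_server, and system_server then calls into the target. Both edges are
# required for any app to function at all, so the binder rules see two
# legitimate calls and never the intent in between.
binder_call(untrusted_app, system_server)   # app -> AMS (startActivity, sendBroadcast, ...)
binder_call(system_server, partner_app)     # AMS -> the receiver or activity in partner_app
```

Two practical notes on reading this. First, as I recall the stock AOSP app.te of that period already carries `binder_call(appdomain, appdomain)`, so simply adding a new app domain does not by itself isolate its services; you would have to keep the domain out of that grant and use a `neverallow` to make the restriction stick. Second, nothing here inspects an intent's action, component or extras; that is the gap the intent MAC work mentioned in the thread addresses inside ActivityManagerService rather than in the kernel policy.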
