Jeffrey Vander Stoep wrote:
> AOSP now provides a quick start guide for writing policy for new devices!
> Please take a look. I've had a couple of selinux newbs run through it
> during device bringup with good results (and helpful feedback). Your
> feedback is appreciated.
> http://source.android.com/security/selinux/device-policy.html

Nice. Some comments:

Is getenforce an adb command now or should that be adb shell getenforce?

Overuse of negation actually means overuse of attributes, I think. The
bad thing in that rule is the use of domain, not the use of negation.

The device example is good but there are sometimes good reasons to split
out a device type like kgl_devices or something that needs to be
accessed by other domains.

Definitely emphasizing that no devices should be labeled device is good,
I've seen that a lot. The same goes for generically labeled properties.

Label new services does not cover labeling things running from ramdisk
(e.g., using seclabel in init.rc).

There should probably also be a section on mitigating assertion
violations. One very unfortunate thing about the AOSP policy is that the
assertions actually make it hard to lock down the policy more than
upstream has.