I was leaning towards bug myself, thanks for clarifying. Patch uploaded: https://android-review.googlesource.com/223300
From: Nick Kralevich [mailto:n...@google.com] Sent: Friday, May 6, 2016 3:43 AM To: Roberts, William C <william.c.robe...@intel.com> Cc: seandroid-list@tycho.nsa.gov Subject: Re: platform_app property_service:set This seems like a bug in the policy. The intention of https://android-review.googlesource.com/194717 was to allow property setting access for platform_app. Can you upload a change to fix this? -- Nick On Thu, May 5, 2016 at 8:37 AM, Roberts, William C <william.c.robe...@intel.com<mailto:william.c.robe...@intel.com>> wrote: With platform app runing with a category set, it cannot access the property_socket since it is not mlstrustedobject. Which one of the following is this an example of: 1. A bug in the policy 2. Something you shouldn’t do 3. Up to OEMs and if they want to add that typeattribute who cares… (property_set is restricted via neverallows on a few domains including untrusted_app). _______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov<mailto:Seandroid-list@tycho.nsa.gov> To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov<mailto:seandroid-list-le...@tycho.nsa.gov>. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov<mailto:seandroid-list-requ...@tycho.nsa.gov>. -- Nick Kralevich | Android Security | n...@google.com<mailto:n...@google.com> | 650.214.4037
_______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.