Bump, anyone have any feedback?
From: Roberts, William C
Sent: Wednesday, February 8, 2017 10:45 AM
To: [email protected]
Subject: Using non-native executables from native services
If a native service wishes to execute a non-native tool, like AM, it would
require being able to execute the dalvikcache_data_file for that. However,
doing so hits my neverallow:
#
# Assert that, to the extent possible, we're not loading executable content from
# outside the rootfs or /system partition except for a few whitelisted domains.
#
neverallow {
    domain
    -appdomain
    -dumpstate
    -shell
    userdebug_or_eng(`-su')
    -system_server
    -webview_zygote
    -zygote
} { file_type -system_file -exec_type -postinstall_file }:file execute;
neverallow {
    domain
    -appdomain # for oemfs
    -recovery # for /tmp/update_binary in tmpfs
} { fs_type -rootfs }:file execute;
Before, I would just typeattribute the service into appdomain, which obviously
has some non-desirable consequences since it was not a full app. This new
neverallow precludes that:
# Only domains spawned from zygote and runas may have the appdomain attribute.
neverallow { domain -runas -webview_zygote -zygote } {
    appdomain -shell userdebug_or_eng(`-su') -bluetooth
}:process { transition dyntransition };
What's the best answer for this? In my particular case they wish to send a
broadcast from their native service. Should they just use some native broadcast
API?