I was leaning towards bug myself, thanks for clarifying. Patch uploaded:
https://android-review.googlesource.com/223300
From: Nick Kralevich [mailto:n...@google.com]
Sent: Friday, May 6, 2016 3:43 AM
To: Roberts, William C <william.c.robe...@intel.com>
Cc: seandroid-list@tycho.nsa.gov
Subject: Re: platform_app property_service:set
This seems like a bug in the policy. The intention of
https://android-review.googlesource.com/194717 was to allow property setting
access for platform_app.
Can you upload a change to fix this?
-- Nick
On Thu, May 5, 2016 at 8:37 AM, Roberts, William C
<william.c.robe...@intel.com<mailto:william.c.robe...@intel.com>> wrote:
With platform app runing with a category set, it cannot access the
property_socket since it is not mlstrustedobject. Which one of the following is
this an example of:
1. A bug in the policy
2. Something you shouldn’t do
3. Up to OEMs and if they want to add that typeattribute who cares…
(property_set is restricted via neverallows on a few domains including
untrusted_app).
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov<mailto:Seandroid-list@tycho.nsa.gov>
To unsubscribe, send email to
seandroid-list-le...@tycho.nsa.gov<mailto:seandroid-list-le...@tycho.nsa.gov>.
To get help, send an email containing "help" to
seandroid-list-requ...@tycho.nsa.gov<mailto:seandroid-list-requ...@tycho.nsa.gov>.
--
Nick Kralevich | Android Security | n...@google.com<mailto:n...@google.com> |
650.214.4037
___
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to
seandroid-list-requ...@tycho.nsa.gov.