** Description changed:
- SDK applications need the following AppArmor policy to run:
+ SDK applications sometimes need the following AppArmor policy to run:
/dev/binder rw,
The writes to /dev/binder allow applications to attack binder directly
which weakens our application confinement policy because there is no
mediation between binder services.
- All apps currently need this access because of the sensors service (even on
mir). The following are the binder services that Ubuntu currently uses:
+ The following are the binder services that Ubuntu currently uses:
- camera
- - sensors
- - surface flinger (only used as fallback now)
+ - media playback service (used by media-hub)
- location was in this group but is already moved away. vibrate is not
- implemented but when it is it will only use our API (ie, not binder). Of
- the remaining binder services listed above, camera is moving to HAL in
- 14.04 and sensors shoudl also move there as well in 14.04.
+ location was in this group but is already moved away. surface flinger
+ was used as a fallback but has been removed. vibrate is not implemented
+ but when it is it will only use our API (ie, not binder). sensors was
+ implemented as usensors in 14.10. Of the remaining binder services
+ listed above, camera is still present for video recording and media
+ playback service implements a subset of the android API for media
+ playback (it is used by media-hub).
This bug will be resolved when /dev/binder is no longer used or it is
only used by one service and therefore the /dev/binder access can move
into the appropriate policy group.
Right now, because all apps needs access to /dev/binder, all apps end up
- with access to the camera and sensors services even when these policy
- groups are not specified. Getting rid of /dev/binder access is for fine-
- grained application confinement to work correctly.
+ with access to the camera and media playback services even when these
+ policy groups are not specified. Getting rid of /dev/binder access is
+ for fine-grained application confinement to work correctly.
** Changed in: lxc-android-config (Ubuntu Trusty)
Status: Confirmed => Won't Fix
** Also affects: lxc-android-config (Ubuntu Utopic)
Importance: High
Assignee: Ubuntu Phonedations bugs (ubuntu-phonedations-bugs)
Status: Confirmed
** Also affects: apparmor-easyprof-ubuntu (Ubuntu Utopic)
Importance: Undecided
Status: Triaged
** Changed in: apparmor-easyprof-ubuntu (Ubuntu Trusty)
Status: Confirmed => Won't Fix
** No longer affects: touch-preview-images
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1197134
Title:
All SDK applications require access to /dev/binder
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1197134/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
