Other than the source itself, the most accurate description of the security model is here:
http://source.android.com/tech/security/index.html

This is also quite a bit more compact than the source code. :)

On Android, UID is completely unrelated to the idea of the user. Each application on Android is installed with a unique UID. The user has the ability to interact with many applications, and therefore has access provided by many UIDs. No single application can perform all of those actions. This is true even in the case of IME applications, which have the powerful ability to receive and generate user actions like touch screen events. Even that application can't do all of the things that the user can do. For example, the user might open an application and view an image stored in that application's local files -- even if IME can re-create that set of user actions, it is not able to actually access the data contained in that image.

Adrian

Adrian Ludwig | Android Security | [email protected] | 415.484.6597

On Tue, Nov 15, 2011 at 2:38 PM, Kevin Chadwick <[email protected]> wrote:

> On Tue, 15 Nov 2011 12:12:23 -0800
> Brian Carlstrom wrote:
>
> > uid as having anything to do with a user.
>
> It hasn't been appropriate for me to delve much into Android yet myself
> but your statement would be illogical as uid = userid. Maybe and I'm
> guessing, you're confusing acl/rbac type restrictions on processes linked
> via path or inode with the distinct security you gain from using a
> separate user for each process for privilege separation reasons.
>
> For example you can use setcap on /usr/bin/Xorg and remove the need to
> run it as root, and/or you can run it as root or any user and sculpt
> what it can and can't do with rbac/Rsbac/selinux. This ability is said
> to be what the venerable OpenBSD lacks but that is very close to
> complete rubbish especially in terms of trade-offs, though these acl
> systems can! gain a little more merit for desktop systems where
> exploits are rife.
>
> p.s. there's loads of security papers on Android. I've got a pile I've
> only read half of (as always).
> Have you tried e.g.:
>
> filetype:pdf Android Security uid

--
You received this message because you are subscribed to the Google Groups "Android Security Discussions" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to [email protected].
For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
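The image example from the reply above, modeled as an added sketch that is not part of the original thread or of Android's source: a simplified Unix owner/group/other check applied to two apps with different UIDs. The package name, UIDs, paths and mode bits are constructed assumptions for illustration.

```python
from dataclasses import dataclass

R, W, X = 4, 2, 1  # bits within one rwx triplet

@dataclass(frozen=True)
class Node:
    owner: int  # owning UID
    group: int  # owning GID
    mode: int   # permission bits, e.g. 0o660

def allowed(uid, gids, node, want):
    """Classic Unix DAC: exactly one of the owner/group/other triplets applies."""
    if uid == 0:
        return True  # simplification: root bypasses DAC (capabilities/MAC ignored)
    if uid == node.owner:
        bits = node.mode >> 6
    elif node.group in gids:
        bits = node.mode >> 3
    else:
        bits = node.mode
    return (bits & 7 & want) == want

def can_read(uid, gids, fs, path):
    """Reading needs search (x) on every parent directory and read (r) on the file."""
    cur = ""
    for part in path.strip("/").split("/")[:-1]:
        cur += "/" + part
        if not allowed(uid, gids, fs[cur], X):
            return False
    return allowed(uid, gids, fs[path], R)

# Constructed sample: two hypothetical packages, each installed under its own UID.
VIEWER_UID, IME_UID, SYSTEM = 10051, 10067, 1000
APP_DIR = "/data/data/com.example.viewer"  # hypothetical package name
PHOTO = APP_DIR + "/files/photo.jpg"
FS = {
    "/data": Node(SYSTEM, SYSTEM, 0o771),
    "/data/data": Node(SYSTEM, SYSTEM, 0o771),
    APP_DIR: Node(VIEWER_UID, VIEWER_UID, 0o700),             # assumed mode
    APP_DIR + "/files": Node(VIEWER_UID, VIEWER_UID, 0o771),  # assumed mode
    PHOTO: Node(VIEWER_UID, VIEWER_UID, 0o660),               # assumed mode
}

def report():
    """Who can read the viewer app's private image?"""
    return {name: can_read(uid, {uid}, FS, PHOTO)
            for name, uid in (("viewer", VIEWER_UID), ("ime", IME_UID))}

if __name__ == "__main__":
    print(report())
```

The IME's UID fails the check regardless of which user actions it can replay, because the decision is keyed on the calling process's UID, not on who is holding the device.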
