In addition, it seems that after getting the Google Market app on my device it runs in the untrusted_app domain. I guess this would make sense given the comments that the untrusted_app.te file present. But I'm confused by the trust model that is trying to be achieved here. Are shared_app, media_app and its ilk considered to have more trust than untrusted_app? But if that is the case than why would the Google market app be considered less trustful than the Launcher app?
On Saturday, January 11, 2014 11:54:40 AM UTC-5, [email protected] wrote: > > Curious as to why certain apps receive certain SELinux contexts when they > are running. According to the external/sepolicy/untrusted.te file (comments > at the top), it seems that any app that is running between uid 10_000 and > 99_000 should receive the untrusted_app domain. Yet with a recent build of > master it is clear that certain apps don't follow this convention. i.e. the > Launcher app on my device has u0_a13 which translates to 10_013 yet runs in > the shared_app domain. So after searching the shared_app.te file I noticed > the comments that any app signed with the shared > > > > > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
