On 11/28/2012 05:27 PM, Tai Nguyen (tainguye) wrote:
All,

Currently, shell has very limited permission (i.e., can't do ps) and we
have to move to su domain to do those commands.
On our devices, su is not available, thus, we can't use the su
transition rule.  Can we do type transition based on the shell id?
Since seandroid uses both DAC and MAC, I think it makes sense to have
unconfined_domain for an account with low privilege so that it can't cause
much damage to the system.

I'm not sure what you mean by a type transition based on the shell id.
But making the shell on a production device unconfined would certainly not be a good idea, as it would remove any SELinux protection against root exploits launched from an adb shell. That said, if you can enumerate exactly what accesses you think should be possible from an (unprivileged) user shell on a production device, we can certainly extend the shell domain along those lines. And there might be different sets of rules for different target devices (e.g. consumer vs corporate), either controllable by policy boolean or by using different policy variants.


--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
