On 01/23/2013 02:50 PM, William Roberts wrote:
> I have some patches I am cleaning up right now for moving the
> /data/system policy files to their own location. Since those files are
> key to security, as well as the reload prop, these really need to be
> protected. I am concerned that the system_data_file domain could grow
> too large, given the customizations OEMs do on Android. Also, by giving
> it its own type, the allow rules really stand out.
> In general, I want to see how the community feels about this?
> I am also up in the air on what to name the type and the location on /data...
> I was thinking /data/security and label them as security_file..
> Also we have to make sure we label mac_permissions.xml in the system
> image. Obviously the allow rules will have to be updated, I was
> thinking along the lines of a nice macro(s), that make it clear this
> can manage policies.
Agree with the concept. Not overly concerned about the location or type
as long as it is easily separated from the rest of data; could even be a
subdirectory of /data/system, e.g. /data/system/security or
/data/system/sepolicy.
I don't think we need to label mac_permissions.xml in the system image
differently however. Unlike /data/system and the system_data_file type,
the default system_file type for /system files is not writable by any
confined domain. We can do that because system is mounted read-only
anyway, so there is never a legitimate reason to write to it at runtime
except for updates.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
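As an added illustration of the proposal above (not code from the thread or from AOSP), here is what the dedicated type, the label, the management macro and a compile-time check could look like in SEAndroid policy; the type name security_file and path /data/security follow the proposal, while the domain name policy_manager and the macro name manage_policy_files are assumed placeholders.

```selinux
# --- file.te: a dedicated type so that the allow rules stand out ---
# file_type and data_file_type are the AOSP sepolicy attributes for
# "any file type" and "types that live under /data".
type security_file, file_type, data_file_type;

# --- file_contexts: label the directory and everything beneath it ---
/data/security(/.*)?    u:object_r:security_file:s0

# --- te_macros (m4): one macro whose name makes the intent obvious
#     when it appears in a domain's .te file ---
define(`manage_policy_files', `
allow $1 $2:dir create_dir_perms;
allow $1 $2:file create_file_perms;
')

# --- policy_manager.te (placeholder domain that updates the policy) ---
manage_policy_files(policy_manager, security_file)

# Domains that only consume the policy get read access via the
# existing AOSP r_dir_file macro (narrow to the domains that need it).
r_dir_file(policy_manager, security_file)

# --- the check: neverallow rules are enforced at policy build time, so
#     an OEM customization that lets any other domain modify the policy
#     files fails to compile instead of silently widening access ---
neverallow { domain -policy_manager } security_file:dir
    { write add_name remove_name rename rmdir setattr relabelfrom relabelto };
neverallow { domain -policy_manager } security_file:file
    { write append create unlink rename setattr relabelfrom relabelto };
```

The same neverallow shape would not be needed for mac_permissions.xml on /system, which stays system_file: as the reply notes, that type is already unwritable by confined domains because the partition is mounted read-only.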