On 04/19/2013 10:16 AM, Kotikela, Srujan wrote:
Hi William,
Thanks for the reply. I understand that the middleware IPC don't need selinux
enabled kernel. I was just trying to check if middleware IPC will be subjected
to policy verification at kernel level on a selinux enabled kernel. In other
words, will all forms of IPC be verified against seandroid policies in the
kernel? If not, will there be any security implications? Any pointers to
related work/literature would be appreciated.
It is already the case that all IPC has to ultimately go through the
kernel and is mediated by SELinux in terms of senders and receivers and
the passing of kernel-managed objects (e.g. binder references, open
files), as I mentioned.
However, the kernel only sees the direct IPCs and thus may not be aware
of how e.g. one IPC from app A to the system_server is related to a
subsequent IPC from the system_server to app B. The kernel also does
not understand anything about the semantics of the IPC payload.
The middleware MAC's job is to control these relationships and apply
controls over the higher level abstractions and operations implemented
via the IPC. The middleware MAC does not query the kernel layer MAC for
its decisions.
--
This message was distributed to subscribers of the seandroid-list mailing list.
If you no longer wish to subscribe, send mail to [email protected] with
the words "unsubscribe seandroid-list" without quotes as the message.
