Hi Stephen,

Thanks for your suggestion! That is my real concern: if the program gets super privilege, such as by a buffer overflow to get root, the polkit mechanism will be ignored entirely; at that time all is free.
Hanks Wang

> On Nov 27, 2013, at 10:17 PM, Stephen Smalley <[email protected]> wrote:
>
>> On 11/27/2013 06:22 AM, Hanks Wang wrote:
>> Hi Stephen and SEAndroiders,
>>
>> It's quite clear that involving SELinux in Android is a wise choice. I know
>> the SEAndroiders' great effort on this. May I take the liberty of asking a
>> question: if polkit is used in the Android system, is SEAndroid necessary,
>> and what will happen?
>>
>> Developers could make polkit embedded in the middleware layer in the
>> Android system, which could determine whether an application could use system
>> services or not. We could set the authority for each application to allow
>> or deny its access to the system services.
>>
>> From your security experts' side, does the above idea have any security flaw?
>
> I'm not aware of any plan to integrate polkit into Android. You might
> be interested in our middleware MAC extensions, see:
> http://selinuxproject.org/page/SEforAndroid#Middleware_MAC
>
> Regardless, you would still want SELinux at the kernel layer in order to
> address security concerns at that level and to ensure that the
> middleware security mechanisms (no matter what underlying policy engine
> they use) are protected against tampering and bypass.
