On 02/25/2014 08:26 AM, Stephen Smalley wrote:
> On 02/24/2014 06:56 PM, Jaejyn Shin wrote:
>> Hi SEAndroid developers.
>>
>> I want to give a security context to downloaded application (from market).
>> After studying MMAC, I realized that I can classify the applications using
>> app signing key.
>>
>> I modified mac_permissions.xml, seapp_contexts and so on...
>> And I made my application using my own key in order to assign my_domain to
>> my app, and install the app to my device (adb install).
>>
>> But my application was still in the untrusted_app domain.
>> I found the reason in the below code (SELinuxMMAC.java).
>> -------------------------------------------------------------------------------------------------------
>> public static void assignSeinfoValue(PackageParser.Package pkg) {
>> /*
>> * Non system installed apps should be treated the same. This
>> * means that any post-loaded apk will be assigned the default
>> * tag, if one exists in the policy, else null, without respect
>> * to the signing key.
>> */
>> if (((pkg.applicationInfo.flags & ApplicationInfo.FLAG_SYSTEM) != 0) ||
>> ((pkg.applicationInfo.flags &
>> ApplicationInfo.FLAG_UPDATED_SYSTEM_APP) != 0)) {
>> // We just want one of the signatures to match.
>> for (Signature s : pkg.mSignatures) {
>> if (s == null)
>> continue;
>> if (sSigSeinfo.containsKey(s)) {
>> String seinfo = pkg.applicationInfo.seinfo =
>> sSigSeinfo.get(s);
>> if (DEBUG_POLICY_INSTALL)
>> Slog.i(TAG, "package (" + pkg.packageName + ") labeled
>> with seinfo=" + seinfo);
>> return;
>> }
>> }
>>
>> // Check for seinfo labeled by package.
>> if (sPackageSeinfo.containsKey(pkg.packageName)) {
>> String seinfo = pkg.applicationInfo.seinfo =
>> sPackageSeinfo.get(pkg.packageName);
>> if (DEBUG_POLICY_INSTALL)
>> Slog.i(TAG, "package (" + pkg.packageName +
>> ") labeled with seinfo=" + seinfo);
>> return;
>> }
>> }
>>
>> // If we have a default seinfo value then great, otherwise
>> // we set a null object and that is what we started with.
>> String seinfo = pkg.applicationInfo.seinfo = sSigSeinfo.get(null);
>> if (DEBUG_POLICY_INSTALL)
>> Slog.i(TAG, "package (" + pkg.packageName +
>> ") labeled with seinfo=" + (seinfo == null ? "null" :
>> seinfo));
>> }
>> -------------------------------------------------------------------------------------------------------
>>
>> I don't want to use package name or app name because of the security
>> problem.
>>
>> Is there any way to assign security context to downloaded app using my app
>> signing key ?
>
> See:
> https://android-review.googlesource.com/#/c/80871/
BTW, this support, along with support for rejecting the installation of
apps that do not pass any stanza in mac_permissions.xml, is included in
our SELinuxMMAC.java code available from our seandroid and seandroid-4.*
branches.
_______________________________________________
Seandroid-list mailing list
[email protected]
To unsubscribe, send email to [email protected].
To get help, send an email containing "help" to
[email protected].
