On 09/03/2014 11:25 AM, Tal Palant wrote: > i'm interested in understanding two things: > > 1) what resources it protects and how?
Kernel-managed abstractions, i.e. processes, files, sockets, etc. > 2) what attacks it can't prevent that arise the need for MMAC? To the kernel, many higher level operations simply appear as a binder IPC call from an app process to the system_server, and possibly as a subsequent binder IPC call from the system_server to some other app. The semantics of the IPC payload and the correlation among multiple binder calls used to implement a single higher level operation are not known to the kernel. See our paper and presentations for more discussion, http://seandroid.bitbucket.org/PapersandPresentations.html _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
