So, if I want to isolate untrusted apps from interacting with system resources, but still want a system app to access some of their data, then I can use levelFrom=user and mark my system app as mlstrustedsubject, right?

Thanks,
Tai

On 9/23/14, 5:06 PM, "Stephen Smalley" <[email protected]> wrote:

>- We could leave them at s0 (i.e. no levelFrom=user) but mark their
>domains as mlstrustedsubjects and possibly their data files as
>mlstrustedobjects so that they can freely interact with both system
>processes/resources at s0 and with apps running on behalf of any user.
>However, this would mean that any one of these apps could bridge the
>user boundary, whether the app was running on behalf of the owner or a
>secondary user.
>
>- We could enable levelFrom=user for these apps too, thereby running
>them with per-user levels like the other apps. However, this would
>break their interactions with system processes and resources unless we
>annotate those system domains and types with which they interact with
>mlstrustedsubject/object markings.
>

_______________________________________________
Seandroid-list mailing list
