How can i block specific ipc calls between processes (in theory)? what kind of policy do i need to define in order to do so?
On Mon, Oct 20, 2014 at 4:10 PM, Stephen Smalley <[email protected]> wrote: > On 10/18/2014 05:24 AM, Tal Palant wrote: > > Hello all, > > > > i'm trying to get a better understanding on how SEAndroid can effect the > > ipc in Android. > > > > Can SEAndroid prevent applications from sending binder to other > > applications? > > > > Thanks in advance, > > Yes, we added security hooks to the kernel binder driver, and therefore > SELinux can mediate binder IPC. However, in practice, apps are expected > to be able to call each other, and much IPC is indirect through the > system_server, so the current policy is not enforcing a particular goal > in this regard. > > > -- טל פולו פלנט כי שם כזה יש רק אחד
_______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
