On Fri, Apr 24, 2015 at 11:11 AM, Stephen Smalley <[email protected]> wrote:
> On 04/24/2015 02:09 PM, Tai Nguyen (tainguye) wrote:
> > We did verify that the setmask program run with uid 0 and with the same
> > domain in both cases.
> > Do you mean that although it runs as uid 0, it doesn’t have those
> > capabilities?
>
> Correct. And that's by design. They don't want any privilege
> escalation paths from adb shell or apps.
>
> Don't know what your setmask program is supposed to do, but it sounds
> like it ought to be a service daemon instead and take requests by local
> socket.
>

setuid and setgid are frowned on in Android. IIRC there is a check for these now in CTS and you need a waiver to pass if you have these. That's why they support fs capabilities, use those.

If you create a service, start as root and drop to a less privileged uid/gid and keep only the caps you need.

Feel free to rip out code from the now defunct auditd.
https://bitbucket.org/seandroid/system-core/src/bff8943df22921ebe21934501b796181c6f77d38/auditd/auditd.c?at=seandroid-4.3

> _______________________________________________
> Seandroid-list mailing list
> [email protected]
> To unsubscribe, send email to [email protected].
> To get help, send an email containing "help" to
> [email protected].

--
Respectfully,
William C Roberts
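An added example, not part of the original message and not taken from auditd.c: a C sketch of the "start as root, drop to a less privileged uid/gid and keep only the caps you need" sequence described in the reply above. The uid/gid 1005 and the choice of CAP_AUDIT_CONTROL are assumed placeholders, and the raw capset syscall is used so the code builds without libcap.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <linux/capability.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/types.h>
#include <unistd.h>

/* Pack a list of capability numbers into the two 32-bit words capset(2) v3 uses. */
int caps_to_words(const int *caps, size_t n, uint32_t words[2])
{
    words[0] = words[1] = 0;
    for (size_t i = 0; i < n; i++) {
        if (caps[i] < 0 || caps[i] > CAP_LAST_CAP) return -1; /* unknown cap */
        words[caps[i] >> 5] |= (uint32_t)1 << (caps[i] & 31);
    }
    return 0;
}

/* Returns 0 on success, or a negative number identifying the step that failed. */
int drop_privs_keep_caps(uid_t uid, gid_t gid, const int *caps, size_t n)
{
    struct __user_cap_header_struct hdr = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct data[2];
    uint32_t words[2];

    if (caps_to_words(caps, n, words) < 0) return -1;
    memset(data, 0, sizeof(data));                  /* inheritable stays empty */
    for (int i = 0; i < 2; i++)
        data[i].effective = data[i].permitted = words[i];

    /* Without KEEPCAPS the permitted set is wiped when uid 0 is given up. */
    if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) return -2;
    if (setgroups(0, NULL) < 0) return -3;          /* drop supplementary groups */
    if (setgid(gid) < 0) return -4;                 /* gid before uid: needs root */
    if (setuid(uid) < 0) return -5;                 /* effective caps cleared here */
    if (syscall(SYS_capset, &hdr, data) < 0) return -6; /* keep only listed caps */
    return 0;
}

int main(void)
{
    /* Assumed placeholders: uid/gid 1005, one retained capability. */
    const int keep[] = { CAP_AUDIT_CONTROL };
    return drop_privs_keep_caps(1005, 1005, keep, 1) ? 1 : 0;
}
```

The order matters: the capset call comes last because it both re-raises the effective bits that setuid cleared and shrinks the permitted set to the listed capabilities.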
