On 05/12/2015 12:46 PM, 食肉大灰兔V5 wrote: > Hi, all > > I noticed that some rooting software can "root" the Android device and > provide root access for other apps, like KingRoot 4.0 recently has > successfully rooted my Nexus 5 running AOSP 5.1.0 R3. I wonder whether > restricting such rooting conduct is one of SEAndroid's objectives? If > yes, then how to protect from it?
Depends on what you mean by "root" the Android device. There's a legitimate way to do that for a Nexus device, i.e. boot into bootloader mode, run fastboot oem unlock, accept it on the screen, wait for userdata to be erased, and then use fastboot to flash any partition you like with a custom image containing anything you want. SE for Android isn't going to prevent that, except insofar as the default policy may interfere with its operation unless they reflash the boot image with one containing a custom policy. Then there is the illegimate way to do it, i.e. install an app or run something via adb shell that exploits a vulnerability in Android to escalate privileges and then proceeds to modify /system or other partitions. In some cases, SE for Android can prevent the privilege escalation, but this depends on the nature of the vulnerability (kernel or userspace) and whether the vulnerable code is reachable/exploitable under the policy. Also, SE for Android can prevent writing to /system or other partitions but if they are using a kernel vulnerability and gaining kernel code execution, then they can just disable SELinux (or any other kernel security feature). With regard to detecting or preventing kernel exploits, Samsung KNOX has something called TIMA that seeks to detect and protect the kernel via software running in the TrustZone secure world. grsecurity is a project that has implemented a number of kernel self-protection features that could potentially be ported to the Android kernel in order to improve its robustness against common flaws. _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
