On 06/23/2015 11:42 AM, Tal Palant wrote: > so basically install time mac isn't relevant in Android M? > And the first part of labeling is used to block applications with a > large variety of permissions from being installed all together?
As rpcraig explained, only the part of install-time MAC that supported labeling of apps based on signature and optionally package name was ever upstreamed into AOSP. And even in our own branches, we dropped the part of install-time MAC that was enforcing restrictions over Android permissions long ago; only the support for enforcing a whitelist of what apps could be installed remained. Regardless, that was always an install-time permissions check not a runtime check. We also had experimental runtime permission revocation support in our branches for a while back in the 4.2 and earlier days, but dropped that when Android 4.3 was released with App Ops, and switched over to working on that. Which led to our Enterprise Ops mechanism for enforcing enterprise restrictions over App Ops. As the new runtime permissions mechanism seems similar to or based upon App Ops, that seems like a possible area for investigation but we can't do that until we have source for M. None of our middleware MAC enforcement mechanisms were ever accepted into AOSP, only our SELinux contributions. M does include several advances to SELinux in Android, and there will be a couple of talks at the upcoming Linux Security Summit that will be discussing those advances. _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
