RE: Seandroid-list Digest, Vol 21, Issue 7

Mon, 24 Aug 2015 13:55:14 -0700 

"restorecon_recursive" does not relabel the files under "/data/data".
It ultimately calls the function "selinux_android_restorecon_common" in 
"/external/libselinux/src/android.c",
in which you could find files relabeling under "/data/data" is skipped without 
the flag SELINUX_ANDROID_RESTORECON_DATA.

I think you could try to use "restorecon" or "restorecon_recursive" for your 
specific locations.

----------------------------------------------------------------------

Message: 1
Date: Mon, 24 Aug 2015 10:29:12 +0900
From: ??? <jonesn5...@gmail.com>
To: seandroid-list@tycho.nsa.gov
Subject: I have some question about restorcon_recursive's skipped
        because of symbolic-link attribute.
Message-ID:
        <ca+zkwnvuemfzoep4f2dur2d00ljau+tjrllhtdy+j+e2-dl...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"

Dear all.

At the booting time, I know restorecon_recursive about /data in init.rc or
restsorecon_recursive(/sys) in init.cpp.

/system/core/rootdir/init.rc
369     # Set SELinux security contexts on upgrade or policy update.
370     restorecon_recursive /data

/system/core/init/init.cpp
1208     restorecon_recursive("/sys");

But, it doesn't work well likes bellow file attribute like symbolic-link.

/data/data/com.nhn.android.search # ls -Z
lrwxrwxrwx install  install           *u:object_r:app_data_file:s0* *lib ->
/mnt/asec/com.nhn.android.search-2/lib/arm*/

When upgrading processing L to M OS, this label (/data/data/"pakcage") has to 
change app_data_file:s0:c512,c768, but didn't work about symbolic link 
attribute file.

When I execute command restorecon /data/data/com.nhn.android.search in adb 
shell.
It did well like bellow.
drwxr-x--x u0_a184  u0_a184           u:object_r:app_data_file:s0:c512,c768
com.nhn.android.search

How can I resolve this issue.

Thanks. Regard...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
<http://prometheus.infosec.tycho.ncsc.mil/pipermail/seandroid-list/attachments/20150824/8089f23c/attachment-0001.html>

------------------------------

Subject: Digest Footer

_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.


------------------------------

End of Seandroid-list Digest, Vol 21, Issue 7
*********************************************

_______________________________________________
Seandroid-list mailing list
Seandroid-list@tycho.nsa.gov
To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov.
To get help, send an email containing "help" to 
seandroid-list-requ...@tycho.nsa.gov.

Reply via email to