On 10/20/2016 08:02 AM, peng fei wrote: > I want to model the security protection ability of SEAndroid. > I suppose to establish the model by extracting subjects which perform > action on the same object. > OR extracting object which can be performed action by the same subject. > For example, /data/anr(/.*)?u:object_r:anr_data_file:s0 > > allow system_server anr_data_file:dir create_dir_perms; > allow shell anr_data_file:dir r_dir_perms; > allow dumpstate anr_data_file:dir { rw_dir_perms relabelto }; > toward the anr_data_file:, the subject perform action on it is shell, > system_server, dumpstate and so on. > > Is it a good method to model SEAndroid security capability? > If I use the method to extract the subject and object, I also confuse > how to analyse the extracting result. > Please give me some suggesstion about how to model the security > capability, and If I use the method above, how to analyse the > extracting result. > Thanks advance.
That's already done for you in the SELinux policy; domain types are subjects and all types can be objects; each type is a security equivalence class (i.e. all processes with the same domain type have the same permissions to the same objects; all objects with the same type can be accessed by the same subjects in the same way). setools already provides SELinux policy analysis tools, and the Android tree includes prebuilt versions of sesearch and friends that will work with that Android version's policy format. _______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.