Android OEM's applications (in)security and backdoors ... - QuarksLAB
Android OEM's applications (in)security and backdoors ... - QuarksLAB
Android OEM's applications (in)security and backdoors ... - QuarksLAB
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Android</strong> <strong>in</strong>troduction <strong>Android</strong> <strong>security</strong> model Methodology Toward a backdoor without permission Post-exploitation<br />
The permission system<br />
Application restrictions<br />
Least privilege <strong>security</strong><br />
Permission to protect aga<strong>in</strong>st dangerous actions:<br />
SD card write access, INTERNET access, send<strong>in</strong>g SMS, ...<br />
By default, an application doesn’t have any permission<br />
You need to ask for them explicitly <strong>in</strong> <strong>Android</strong>Manifest.xml<br />
Asked permissions are shown to the user at <strong>in</strong>stallation<br />
Boolean choice<br />
A permission can protect:<br />
Functions: AccountManager.getAccounts() (GET_ACCOUNTS)<br />
Intents: <strong>and</strong>roid.<strong>in</strong>tent.action.CALL (CALL_PHONE)<br />
Components: content://contacts (READ_CONTACTS, ...)<br />
A permission is given to an UID <strong>and</strong> not to a packagename<br />
Permission model is applied on native code too<br />
All permissions of each application with the same sharedUserId are<br />
comb<strong>in</strong>ed