SELinux in Android Lollipop and M

More documents

Recommendations

Info

Locking down the Binder (cont'd)• Lollipop shipped with add permission restricted.• M locks down find and list permissions.• Prevents apps from looking up arbitrary binderservices.• If you cannot look up the service binder reference, youcannot call the service.– Binder references are kernel-managed capabilities.• Chrome sandbox / isolated_app restricted to onlyminimal required services.18
Policy Hardening• Forced init to transition domains on exec.– Separate domains added for helper programs and allservices, even oneshot services.• Locked down block device access.– Protecting critical partitions from direct access.– Limiting each domain to only needed partitions.• Removed unconfined domain.– Even init and kernel no longer use it.• Many more neverallows.19
Page 1 and 2: SELinux in Android Lollipop and MSt
Page 3 and 4: CLASSIFICATION HEADERToday's Talk
Page 5 and 6: SELinux in Android 5.0 Lollipop•
Page 7 and 8: Service-specific Protection via SEL
Page 9 and 10: Lollipop Updates●●●5.0.1 thro
Page 11 and 12: SELinux in Android M●●●●●
Page 13 and 14: SELinux and Android Multi-User●
Page 15 and 16: The Chrome for Android sandbox●
Page 17: Locking down the Binder• Binder i
Page 21 and 22: Android & Upstream SELinux• Andro
Page 23 and 24: Ongoing and Future Work• Enable a

SELinux in Android Lollipop and M

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?