[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 1/1] appdomain r/w apk_tmp_file and shell_data_file on android_cts enabled

In my opinion, it's too general to be applied out of CTS. Only CTStestStubs.apk and Packagemanager need to access to apm_tmp_file and shell_data_file. The denial information is shown as below:

<5>[   76.435272] type=1400 audit(1342043186.382:4): avc:  denied  { read } for  pid=815 comm=42696E646572205468726561642023 name="CtsTestStubs.apk" dev=mmcblk0p12 ino=667811 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:shell_data_file:s0 tclass=file
<5>[   76.435516] type=1400 audit(1342043186.382:5): avc:  denied  { open } for  pid=815 comm=42696E646572205468726561642023 name="CtsTestStubs.apk" dev=mmcblk0p12 ino=667811 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:shell_data_file:s0 tclass=file
<5>[   76.472808] type=1400 audit(1342043186.421:6): avc:  denied  { read write } for  pid=206 comm="PackageManager" path="/data/app/vmdl-400972190.tmp" dev=mmcblk0p12 ino=781829 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:apk_tmp_file:s0 tclass=file
<5>[   97.407379] type=1400 audit(1342043207.359:7): avc:  denied  { read } for  pid=814 comm=42696E646572205468726561642023 name="CtsAppTestCases.apk" dev=mmcblk0p12 ino=667812 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:shell_data_file:s0 tclass=file
<5>[   97.407562] type=1400 audit(1342043207.359:8): avc:  denied  { open } for  pid=814 comm=42696E646572205468726561642023 name="CtsAppTestCases.apk" dev=mmcblk0p12 ino=667812 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:shell_data_file:s0 tclass=file
<5>[   97.410003] type=1400 audit(1342043207.359:9): avc:  denied  { read write } for  pid=206 comm="PackageManager" path="/data/app/vmdl1671180406.tmp" dev=mmcblk0p12 ino=781831 scontext=u:r:untrusted_app:s0:c9 tcontext=u:object_r:apk_tmp_file:s0 tclass=file



On Mon, Jul 30, 2012 at 5:55 AM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote:
On Fri, 2012-07-27 at 15:13 -0700, Haiqing Jiang wrote:
> ---
>  cts.te |    4 ++++
>  1 files changed, 4 insertions(+), 0 deletions(-)

Applied.  However, for each such denial, we need to consider whether
these should only be allowed for CTS purposes or whether they belong as
part of the base policy in general (and if the latter, whether they are
required for all app domains or just some of them).

> diff --git a/cts.te b/cts.te
> index 3600e94..489be1a 100644
> --- a/cts.te
> +++ b/cts.te
> @@ -27,6 +27,10 @@ allow appdomain fs_type:dir_file_class_set getattr;
>  allow appdomain shell_exec:file rx_file_perms;
>  allow appdomain system_file:file rx_file_perms;
>
> +# Accesses to apk_tmp_file and shell_data_file
> +allow appdomain apk_tmp_file:file rw_file_perms;
> +allow appdomain shell_data_file:file r_file_perms;
> +
>  # Read routing information.
>  allow netdomain self:netlink_route_socket { create read write nlmsg_read };
>

--
Stephen Smalley
National Security Agency




--
-----------------------------------
Haiqing Jiang, PH.D student

Computer Science Department, North Carolina State University


[Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Powered by Linux