Exploring SE for Android

Credits

Foreword

About the Authors

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Downloading the example code

Errata

Piracy

Questions

1. Linux Access Controls

Changing permission bits

Changing owners and groups

The case for more

Capabilities model

Android's use of DAC

Glancing at Android vulnerabilities

Skype vulnerability

GingerBreak

Rage against the cage

MotoChopper

Summary

2. Mandatory Access Controls and SELinux

Getting back to the basics

Labels

Users

Roles

Types

Access vectors

Multilevel security

Putting it together

Complexities and best practices

Summary

3. Android Is Weird

Android's security model

Binder

Binder's architecture

Binder and security

Zygote – application spawn

The property service

Summary

4. Installation on the UDOO

Retrieving the source

Flashing image on an SD card

UDOO serial and Android Debug Bridge

Flipping the switch

It's alive

Summary

5. Booting the System

Policy load

Fixing the policy version

Summary

6. Exploring SELinuxFS

Locating the filesystem

Interrogating the filesystem

The enforce node

The disable file interface

The policy file

The null file

The mls file

The status file

Access Vector Cache

The booleans directory

The class directory

The initial_contexts directory

The policy_capabilities directory

ProcFS

Java SELinux API

Summary

7. Utilizing Audit Logs

Upgrades – patches galore

The audit system

The auditd daemon

Auditd internals

Interpreting SELinux denial logs

Contexts

Summary

8. Applying Contexts to Files

Labeling filesystems

fs_use

fs_task_use

fs_use_trans

genfscon

Mount options

Labeling with extended attributes

The file_contexts file

Dynamic type transitions

Examples and tools

Fixing up /data

A side note on security

Summary

9. Adding Services to Domains

Init – the king of daemons

Dynamic domain transitions

Explicit contexts via seclabel

Relabeling processes

Limitations on app labeling

Summary

10. Placing Applications in Domains

The case to secure the zygote

Fortifying the zygote

Plumbing the zygote socket

The mac_permissions.xml file

keys.conf

seapp_contexts

Summary

11. Labeling Properties

Labeling via property_contexts

Permissions on properties

Relabeling existing properties

Creating and labeling new properties

Special properties

Control properties

Persistent properties

SELinux properties

Summary

12. Mastering the Tool Chain

Building subcomponents – targets and projects

Exploring sepolicy's Android.mk

Building sepolicy

Controlling the policy build

Digging deeper into build_policy

Building mac_permissions.xml

Building seapp_contexts

Building file_contexts

Building property_contexts

Current NSA research files

Standalone tools

sepolicy-check

sepolicy-analyze

Summary

13. Getting to Enforcing Mode

Updating to SEPolicy master

Purging the device

Setting up CTS

Running CTS

Gathering the results

CTS test results

Audit logs

Authoring device policy

adbd

bootanim

debuggerd

drmserver

dumpstate

installd

keystore

mediaserver

netd

rild

servicemanager

surfaceflinger

system_server

toolbox

untrusted_app

vold

watchdogd

wpa

Second policy pass

init

shell

init_shell.te

Field trials

Going enforcing

Summary

A. The Development Environment

VirtualBox

Ubuntu Linux 12.04 (precise pangolin)

VirtualBox extension pack and guest additions

VirtualBox extension pack

VirtualBox guest additions

Save time with shared folders

The build environment

Oracle Java 6

Summary

Index

Copyright © 2015 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the authors, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: February 2015

Production reference: 1190215

Published by Packt Publishing Ltd.

Livery Place

35 Livery Street

Birmingham B3 2PB, UK.

ISBN 978-1-78439-059-4

www.packtpub.com

Authors

William Confer

William Roberts

Reviewers

Joshua Brindle

Hiromu Yakura

Commissioning Editor

Usha Iyer

Acquisition Editor

Reshma Raman

Content Development Editor

Arvind Koul

Technical Editor

Shiny Poojary

Copy Editors

Shivangi Chaturvedi

Vikrant Phadke

Neha Vyas

Project Coordinator

Neha Bhatnagar

Proofreaders

Paul Hindle

Stephen Silk

Indexer

Priya Sane

Production Coordinator

Conidon Miranda

Cover Work

Conidon Miranda

The first talk of SELinux on Android started almost as soon as Android was announced. The interest at that time was mainly shown by academic circles and developers of SELinux itself. As a longtime user of SELinux in server deployments, I knew its benefits from a security point of view and also knew how much Android could benefit from them.

At t...