relax neverallow rules on NETLINK_KOBJECT_UEVENT sockets
Netlink uevent sockets are used by the kernel to inform userspace when certain events occur, for example, when new hardware is added or removed. This allows userspace to take some action based on those messages. Relax the neverallow rule for NETLINK_KOBJECT_UEVENT sockets. Certain device specific app domains, such as system_app, may have a need to receive messages from this socket type. Continue to neverallow NETLINK_KOBJECT_UEVENT sockets for untrusted_app. These sockets have been the source of rooting attacks in Android in the past, and it doesn't make sense to expose this to untrusted_apps. No new SELinux rules are introduced by this change. This is an adjustment of compile time assertions only. Bug: 17525863 Change-Id: I3e538dc8096dc23b9678bcd20e3c1e742c21c967
This commit is contained in:
parent
dd053a9b89
commit
642b80427e
6
app.te
6
app.te
@ -221,9 +221,13 @@ neverallow appdomain
|
||||
netlink_audit_socket
|
||||
netlink_ip6fw_socket
|
||||
netlink_dnrt_socket
|
||||
netlink_kobject_uevent_socket
|
||||
} *;
|
||||
|
||||
# These messages are broadcast messages from the kernel to userspace.
|
||||
# Do not allow the writing of netlink messages, which has been a source
|
||||
# of rooting vulns in the past.
|
||||
neverallow appdomain self:netlink_kobject_uevent_socket { write append };
|
||||
|
||||
# Sockets under /dev/socket that are not specifically typed.
|
||||
neverallow appdomain socket_device:sock_file write;
|
||||
|
||||
|
@ -81,6 +81,9 @@ auditallow untrusted_app {
|
||||
### neverallow rules
|
||||
###
|
||||
|
||||
# Receive or send uevent messages.
|
||||
neverallow untrusted_app self:netlink_kobject_uevent_socket *;
|
||||
|
||||
# Too much leaky information in debugfs. It's a security
|
||||
# best practice to ensure these files aren't readable.
|
||||
neverallow untrusted_app debugfs:file read;
|
||||
|
Loading…
Reference in New Issue
Block a user