Stephen Smalley wrote:
On Fri, 2012-09-14 at 11:24 -0400, Joshua Brindle wrote:
This is an RFC for clipboard access controls in Android. I still need to do non-SELinux system guards and check for permission when onPrimaryClipChanged() sends notifications to apps listening for clipboard updates.
Change-Id: Ib0b6aeca59511ce71832aee1afd4150d1514a63c
---
.../java/com/android/server/ClipboardService.java | 25 ++++++++++++++++++++
1 file changed, 25 insertions(+)
Do you have a functioning policy for these controls (i.e. one that
allows normal operation but prevents something bad from happening)?
Sort of. My policy is pretty hacked up because the only way this is
useful is if you have multiple, separate app domains, which the
appdomain attribute does a good job of not easily allowing without
duplicating all the rules.
To make devices behave as normal we just need:
allow appdomain appdomain : x_application_data paste;
in app.te, but that won't prevent pasting ever, someone who wants to use
this will have to make a new domain that isn't in the appdomain
attribute and copy all the rules.
On my todo list is to move all the appdomain rules to an interface so
that I can create new domains without access to each other but that
hasn't happened yet.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
