SEAndroid enforcement is now mandatory for Android devices. In order to provide the desired level of security for their products, Android OEMs need to be able to minimize their mistakes in writing SEAndroid policies. However, existing SEAndroid and SELinux tools are not very useful for this purpose. It has been shown that SEAndroid policies found in commercially available devices for multiple manufacturers contain mistakes and redundancies. In this paper we present a new tool, SELint, which aims to help OEMs to produce better SEAndroid policies. SELint is extensible and configurable to suit the needs of different OEMs. It is provided with a default configuration based on the AOSP SEAndroid policy, but can be customized by OEMs.
翻译:现在,对机器人装置强制强制执行。为了为其产品提供理想的安全水平,机器人的OEM必须能够最大限度地减少其错误,以制定Se Android政策。然而,现有的Seandroid和SeLinux工具对于这一目的并不十分有用。已经表明,在市场上市场上为多个制造商提供的设备中发现的Seandroid政策含有错误和冗余。在这份文件中,我们提出了一个新的工具,SeLint,旨在帮助OEM制定更好的Seandroid政策。 SeLint是可扩展的,可配置的,以适应不同OEM的需要。它根据AOSP Seandroid政策提供了一种默认配置,但可以由OEMs定制。
相关内容
- Today (iOS and OS X): widgets for the Today view of Notification Center
- Share (iOS and OS X): post content to web services or share content with others
- Actions (iOS and OS X): app extensions to view or manipulate inside another app
- Photo Editing (iOS): edit a photo or video in Apple's Photos app with extensions from a third-party apps
- Finder Sync (OS X): remote file storage in the Finder with support for Finder content annotation
- Storage Provider (iOS): an interface between files inside an app and other apps on a user's device
- Custom Keyboard (iOS): system-wide alternative keyboards
Source: iOS 8 Extensions: Apple’s Plan for a Powerful App Ecosystem
微信扫码咨询专知VIP会员