Linked by Thom Holwerda on Thu 18th Oct 2012 01:51 UTC
Google Pretty cool: an alpha image of Android 4.2 from the leaked LG Nexus device includes SELinux. "According to the layout xml, SELinux will have a status readout tacked-on to the current About Phone screen. It will now list 'SELinux Status' at the very bottom, right under 'Kernel version' and 'Build Number'. If you're wondering why there are 3 options and not just 'on' and 'off', 'Permissive' is a logging mode, which will tell you when it would have blocked something, but won't actually block things. The other key piece of information to get from the string file is that this is an optional mode, don't go around saying that Google is shutting down root functionality or anything. This is for security conscious enterprise and government-types and probably won't be enabled on consumer phones."
Permalink for comment 538942
To read all comments associated with this story, please click here.
Comment by ssokolow
by ssokolow on Thu 18th Oct 2012 03:30 UTC
ssokolow
Member since:
2010-01-21

As long as keeping control of your own device can be implemented in a manner that's as widely-implemented as the non-market APKs toggle, I'd welcome SELinux on end-user Android phones.

Maybe we can finally get general opinion of SELinux turned around by first building an ecosystem of tools, tutorials, and developers on a platform already used to permission-based whitelisting.

(Not to mention, SELinux would complement Android permissions well. From what I remember, they're less granular than SELinux in the areas SELinux is designed to deal with.)

Either way, we definitely need more SELinux adoption. Whitelist-based security is the most powerful part of firewalling and something similar for code execution in non-toy applications is long overdue.

Edited 2012-10-18 03:31 UTC

Reply Score: 3