touch-packages team mailing list archive
Message #28902
[Bug 1197134] Re: All SDK applications require access to /dev/binder
** Changed in: apparmor-easyprof-ubuntu (Ubuntu Utopic)
Status: Triaged => Won't Fix
** Changed in: lxc-android-config (Ubuntu Utopic)
Status: Confirmed => Won't Fix
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Importance: Undecided => High
** Changed in: apparmor-easyprof-ubuntu (Ubuntu)
Status: Triaged => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor-easyprof-ubuntu
in Ubuntu.
https://bugs.launchpad.net/bugs/1197134
Title:
All SDK applications require access to /dev/binder
Status in “apparmor-easyprof-ubuntu” package in Ubuntu:
Confirmed
Status in “lxc-android-config” package in Ubuntu:
Confirmed
Status in “apparmor-easyprof-ubuntu” source package in Saucy:
Won't Fix
Status in “lxc-android-config” source package in Saucy:
Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Trusty:
Won't Fix
Status in “lxc-android-config” source package in Trusty:
Won't Fix
Status in “apparmor-easyprof-ubuntu” source package in Utopic:
Won't Fix
Status in “lxc-android-config” source package in Utopic:
Won't Fix
Bug description:
SDK applications sometimes need the following AppArmor policy to run:
/dev/binder rw,
The writes to /dev/binder allow applications to attack binder directly
which weakens our application confinement policy because there is no
mediation between binder services.
The following are the binder services that Ubuntu currently uses:
- camera
- media playback service (used by media-hub)
Location was in this group but has already been moved away. Surface flinger
was used as a fallback but has been removed. Vibrate is not
implemented, but when it is it will only use our API (i.e., not binder).
Sensors was implemented as usensors in 14.10. Of the remaining binder
services listed above, camera is still present for video recording and
media playback service implements a subset of the Android API for
media playback (it is used by media-hub).
This bug will be resolved when /dev/binder is no longer used or it is
only used by one service and therefore the /dev/binder access can move
into the appropriate policy group.
Right now, because all apps need access to /dev/binder, all apps end
up with access to the camera and media playback services even when
these policy groups are not specified. Getting rid of /dev/binder
access is needed for fine-grained application confinement to work correctly.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor-easyprof-ubuntu/+bug/1197134/+subscriptions
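The over-grant the bug description explains (every app receiving "/dev/binder rw," whether or not it declared the camera or media playback policy group) can be audited mechanically. The following is an added example, not code from the bug report or from apparmor-easyprof-ubuntu: it parses the simple "path perms," AppArmor file rules from generated profile text and flags apps that can write to /dev/binder without declaring a binder-using policy group. The policy-group names in BINDER_POLICY_GROUPS and the sample profiles are assumptions constructed for the example.

```python
import re

# AppArmor file rule in the plain "path perms," form used in the bug report
# (qualified forms such as "owner ... rw," are deliberately not matched).
FILE_RULE = re.compile(r"^\s*(/\S+)\s+([a-zA-Z]+)\s*,\s*(?:#.*)?$")

# Policy groups that legitimately use a binder service per the report: camera,
# and media playback via media-hub. The group names here are assumed, not
# taken from apparmor-easyprof-ubuntu.
BINDER_POLICY_GROUPS = {"camera", "media_playback"}


def binder_rules(profile_text):
    """Return the permission string of every rule that grants /dev/binder."""
    perms = []
    for line in profile_text.splitlines():
        m = FILE_RULE.match(line)
        if m and m.group(1) == "/dev/binder":
            perms.append(m.group(2))
    return perms


def audit_profile(app_name, profile_text, declared_groups):
    """Classify an app's /dev/binder access against its declared policy groups.

    'over-grant' means the profile allows writes to /dev/binder although the
    app declared none of the groups that use a binder service, so it reaches
    the camera and media playback services without any mediation."""
    perms = binder_rules(profile_text)
    writes = any("w" in p for p in perms)
    needs = BINDER_POLICY_GROUPS & set(declared_groups)
    if writes and not needs:
        return {"app": app_name, "binder": perms, "finding": "over-grant"}
    if writes:
        return {"app": app_name, "binder": perms, "finding": "expected",
                "groups": sorted(needs)}
    return {"app": app_name, "binder": perms, "finding": "none"}


# Constructed sample profiles; not real generated policy.
CALC_PROFILE = """profile "com.example.calc_calc_0.1" {
  #include <abstractions/base>
  /dev/binder rw,
  owner @{HOME}/.local/share/com.example.calc/** rw,
}"""
CAMERA_PROFILE = """profile "com.example.cam_cam_0.1" {
  /dev/binder rw,
  /dev/video* rw,
}"""

if __name__ == "__main__":
    print(audit_profile("calc", CALC_PROFILE, ["networking"]))
    print(audit_profile("cam", CAMERA_PROFILE, ["camera"]))
```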