mirror of
https://github.com/reactos/syzkaller.git
synced 2024-11-27 21:30:33 +00:00
0eca949a6c
executor: add support for android_untrusted_app sandbox This adds a new sandbox type, 'android_untrusted_app', which restricts syz-executor to the privileges which are available to third-party applications, e.g. those installed from the Google Play store. In particular, this uses the UID space reserved for applications (instead of the 'setuid' sandbox, which uses the traditional 'nobody' user / 65534) as well as a set of groups which the Android-specific kernels are aware of, and finally ensures that the SELinux context is set appropriately. Dependencies on libselinux are avoided by manually implementing the few functions that are needed to change the context of the current process, and arbitrary files. The underlying mechanisms are relatively simple. Fixes google/syzkaller#643 Test: make presubmit Bug: http://b/112900774 |
||
|---|---|---|
| .. | ||
| ast | ||
| bisect | ||
| build | ||
| compiler | ||
| config | ||
| cover | ||
| csource | ||
| db | ||
| gce | ||
| gcs | ||
| hash | ||
| host | ||
| ifuzz | ||
| instance | ||
| ipc | ||
| kd | ||
| log | ||
| mgrconfig | ||
| osutil | ||
| report | ||
| repro | ||
| rpctype | ||
| runtest | ||
| serializer | ||
| signal | ||
| symbolizer | ||
| vcs | ||