Go Back   Android Forums > Android Development > Application Development
Application Development Dev lounge for our application developers.

test: Reply
 
LinkBack Thread Tools
Old November 4th, 2011, 10:00 AM   #1 (permalink)
New Member
Thread Author (OP)
 
Join Date: Nov 2011
Posts: 2
 
Device(s):
Carrier: Not Provided

Thanks: 0
Thanked 1 Time in 1 Post
Question [...] one must compromise the security of the the Linux kernel.

(from http://source.android.com/tech/security/index.html):
(complete sentence; couldn't get it entirely in the title):

<quote>
Like all security features, the Application Sandbox is not unbreakable. However, to break out of the Application Sandbox in a properly configured device, one must compromise the security of the the Linux kernel.
</quote>

Whilst this sounds like quite the bold statement, it might cause the slightest grin on the face of many sysadmins.

Although I surely couldn't break the Linux kernel, compared to BSD flavors of Unix, it's not looked upon as the most secure OS.

Hence also the existence of the security enhanced Linux kernel.
(If the kernel is hyper-secure, why need a security enhanced version?)

So, without further ado, my question :

Does android uses the security enhanced Linux kernel?

If so, why is this not explicitly mentioned on their site:
Android Security Overview | Android Open Source
?

If not,
why not?

best regards,

S.
ps: I'm kinda glad I can include links after my, albeit slightly vexed, introduction :$

Advertisements
Sanforalini is offline  
Reply With Quote
sponsored links
Old November 4th, 2011, 11:38 AM   #2 (permalink)
The Friendly Undead
 
OfTheDamned's Avatar
 
Join Date: Oct 2009
Location: Right Behind You
Posts: 9,696
 
Device(s): Droid Razr Maxx
Carrier: Not Provided

Thanks: 3,714
Thanked 8,839 Times in 3,067 Posts
Default

I moved this over to application development for you. I think you will find better answers here.
__________________
Site Rules and Guidelines - Learn them, live them and love them.

Does a post have your blood boiling? Make a instead of a retort.
OfTheDamned is offline  
Reply With Quote
Old November 4th, 2011, 11:44 AM   #3 (permalink)
The PearlyMon
 
EarlyMon's Avatar
 
Join Date: Jun 2010
Location: New Mexico, USA
Posts: 46,379
 
Device(s): M8, LTEvo, 3vo, and Shift - Evo retired
Carrier: Sprint

Thanks: 42,731
Thanked 57,187 Times in 22,979 Posts
Default

Not sure how much it matters here. (Not saying it doesn't, saying not sure.)

Most all Android applications run inside the Dalvik Virtual Machine. Breakout to exploit system vulnerabilities is not nearly as easy as it is with native applications.

Therefore, the Android exploits today are the ones easy to get to - malware usually installed by users not paying attention to privilege warnings - or trusting pirated versions of apps.
EarlyMon is offline  
Reply With Quote
Reply
Tags
linux kernel, operating system, security


Go Back   Android Forums > Android Development > Application Development
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -5. The time now is 09:46 PM.
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.