[...] one must compromise the security of the the Linux kernel.

Discussion in 'Application Development' started by Sanforalini, Nov 4, 2011.

  1. Sanforalini

    Sanforalini New Member
    16

    Nov 4, 2011
    2
    1
    16
    it specialist
    (from http://source.android.com/tech/security/index.html):
    (complete sentence; couldn't get it entirely in the title):

    <quote>
    Like all security features, the Application Sandbox is not unbreakable. However, to break out of the Application Sandbox in a properly configured device, one must compromise the security of the the Linux kernel.
    </quote>

    Whilst this sounds like quite the bold statement, it might cause the slightest grin on the face of many sysadmins.

    Although I surely couldn't break the Linux kernel, compared to BSD flavors of Unix, it's not looked upon as the most secure OS.

    Hence also the existence of the security enhanced Linux kernel.
    (If the kernel is hyper-secure, why need a security enhanced version?)

    So, without further ado, my question :):

    Does android uses the security enhanced Linux kernel?

    If so, why is this not explicitly mentioned on their site:
    Android Security Overview | Android Open Source
    ?

    If not,
    why not?

    best regards,

    S.
    ps: I'm kinda glad I can include links after my, albeit slightly vexed, introduction :$
     

    Advertisement
  2. OfTheDamned

    OfTheDamned The Friendly Undead
    VIP Member
    813

    Oct 29, 2009
    9,692
    8,365
    813
    Right Behind You
    I moved this over to application development for you. I think you will find better answers here.
     
  3. EarlyMon

    EarlyMon The PearlyMon
    Moderator
    10,118

    Jun 10, 2010
    57,623
    70,354
    10,118
    New Mexico, USA
    Not sure how much it matters here. (Not saying it doesn't, saying not sure.)

    Most all Android applications run inside the Dalvik Virtual Machine. Breakout to exploit system vulnerabilities is not nearly as easy as it is with native applications.

    Therefore, the Android exploits today are the ones easy to get to - malware usually installed by users not paying attention to privilege warnings - or trusting pirated versions of apps.
     

Share This Page

Loading...