1. Check out our companion app, Forums for Android! Download from Google Play

[...] one must compromise the security of the the Linux kernel.

Discussion in 'Application Development' started by Sanforalini, Nov 4, 2011.

  1. Sanforalini

    Sanforalini New Member
    Thread Starter

    Nov 4, 2011
    it specialist
    (from http://source.android.com/tech/security/index.html):
    (complete sentence; couldn't get it entirely in the title):

    Like all security features, the Application Sandbox is not unbreakable. However, to break out of the Application Sandbox in a properly configured device, one must compromise the security of the the Linux kernel.

    Whilst this sounds like quite the bold statement, it might cause the slightest grin on the face of many sysadmins.

    Although I surely couldn't break the Linux kernel, compared to BSD flavors of Unix, it's not looked upon as the most secure OS.

    Hence also the existence of the security enhanced Linux kernel.
    (If the kernel is hyper-secure, why need a security enhanced version?)

    So, without further ado, my question :):

    Does android uses the security enhanced Linux kernel?

    If so, why is this not explicitly mentioned on their site:
    Android Security Overview | Android Open Source

    If not,
    why not?

    best regards,

    ps: I'm kinda glad I can include links after my, albeit slightly vexed, introduction :$


  2. OfTheDamned

    OfTheDamned The Friendly Undead

    Oct 29, 2009
    Right Behind You
    I moved this over to application development for you. I think you will find better answers here.
  3. EarlyMon

    EarlyMon The PearlyMon

    Jun 10, 2010
    New Mexico, USA
    Not sure how much it matters here. (Not saying it doesn't, saying not sure.)

    Most all Android applications run inside the Dalvik Virtual Machine. Breakout to exploit system vulnerabilities is not nearly as easy as it is with native applications.

    Therefore, the Android exploits today are the ones easy to get to - malware usually installed by users not paying attention to privilege warnings - or trusting pirated versions of apps.

Share This Page