trusted path execution #33
Comments
ghost
mentioned this issue
|
Hey all. I'm the author of tpe-lkm and this was brought to my attention. I'm happy to contribute in some way. My first observation is the lack of hooking mmap and mprotect, see details in tpe issue 25. |
|
@cormander There's no TPE implementation included here yet. In CopperheadOS, SELinux is used for this so it's among the features that I don't consider high priorities along with MPROTECT and many of the other miscellaneous features. |
|
And I wouldn't really agree with this:
Landing features upstream isn't my goal but rather a means to an end. It means not needing to maintain code out-of-tree and getting more input into the changes. |
|
I suppose I was looking at the PR#32. Ping me if this ever gets considered. Thanks. |
|
@cormander I'd like to include it in some form but I just haven't closely looked at it or thought about it much yet. The grsecurity restrict all option doesn't have a way to do exceptions but might be incompatible with how the app UID/GID model works on Android for some apps that check each other's signature / id and share code i.e. they act as a library. I'd want it to work for that case. |
|
Not too long ago I coded in exceptions via xattr that can be set on files to work around that problem. |
|
This isn't currently in-scope since SELinux can be used to provide the same protection and linux-hardened is intended to be used alongside SELinux or an equivalent rather than handling access control itself. There can be alternative options upstream as LSMs but it's not going to be done here. |
This is a very low priority for linux-hardened since SELinux can be used to provide the same functionality and more.
The text was updated successfully, but these errors were encountered: