Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit 60747d28 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep
Browse files

pm: Apps with shared UID must also share selinux domain 

There are two existing cases where apps that share a sharedUserId
potentially end up in separate SELinux domains.

1. An app installed in /system/priv-app runs in the priv_app domain.
   An app installed on the /data partition which shares a
   sharedUserId with that priv_app would run in the untrusted_app
   domain (e.g. GTS b/72235911). This issue has existed since
   Android N.
2. The untrusted_app domain may now deprecate permissions based on
   targetSdkVersion, so apps with sharedUserId may have different
   permissions based on which targetSdkVersion they use. This issue
   has existed since Android O, but is particularly problematic for
   feature "Deprecate world accessible app data" which puts every app
   targeting P+ into its own selinux domain.

This change fixes #1 and adds a temporary workaround to prevent #2.

Test: cts-tradefed run cts -m CtsSelinuxTargetSdkCurrentTestCases
Test: cts-tradefed run cts -m CtsSelinuxTargetSdk27TestCases
Test: cts-tradefed run cts -m CtsSelinuxTargetSdk25TestCases
Bug: 72290969
Change-Id: I211de05ad6f10b69e3e082cfe977f2dd43d90549
parent 96c2184e
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment