upvote

points

by miduil15 hours ago |
comments
upvoteby staticassertion14 hours ago|
next
[-]
I assume because the rxrpc module is not loaded / provided and because unprivileged user namespaces are not allowed, which should be sufficient to mitigate. Curious if someone else has more details though.
reply
upvoteby jeroenhd12 hours ago|
prev|
next
[-]
The exploit as posted contains x86 shellcode, so you'd need to drop in the appropriate shellcode to test if it really works.

Android wasn't vulnerable the last time, so far it's been a shining beacon of hope for proper SELinux configuration that I wish was more widely available in other places.

reply
upvoteby ronsor15 hours ago|
prev|
next
[-]
Android has a lot of hardening and sandboxing that desktop Linux doesn't (and won't for UX reasons).
reply
upvoteby miduil15 hours ago|
parent|
next
[-]
Yes, it demonstrates that it's possible to harden well - at least for some cases. It appears depending on the environment hardened kernel / runtime environments are pretty much possible to have safeguards working today already.
reply
upvoteby __float13 hours ago|
parent|
prev|
next
[-]
> desktop Linux doesn't (and won't for UX reasons)

Can you elaborate?

reply
upvoteby mike_hearn2 hours ago|
parent|
next
[-]
Locking down a desktop OS to modern standards really requires what Apple did with macOS, which requires a degree of central coordination that's beyond the Linux community. It mandates huge changes in almost every area of the OS stack, and all apps have to be sandboxed by default out of the box.

Developers don't like mandatory sandboxing. It has to be forced on them. So you can see the difficulty of doing it in the open source community, which has for decades now had the worst security of any desktop OS platform (even Windows is better).

reply
upvoteby akdev1l12 hours ago|
parent|
prev|
next
[-]
A very comprehensive SELinux deployment for one.

SELinux will stop any process in android from loading kernel modules, that’s not allowed. The android permission model as a whole is ultimately backed by SELinux.

reply
upvoteby lunar_rover11 hours ago|
parent|
prev|
next
[-]
To solve the issue from the source, you need to enforce security through means like mandatory access control. The problem is that existing desktop and server systems are too mature for that to be practical, you'll have to rework almost everything and users will certainly reject it violently due to the breakages.
reply
upvoteby mike_hearn2 hours ago|
parent|
[-]
Apple have shown it can be done with macOS. Not only is every app sandboxed in a usefully robust way (even ones distributed outside the app store) but this has been done in a way smooth enough that users didn't revolt.
reply
upvoteby danudey12 hours ago|
parent|
prev|
[-]
Not sure what specifically they're referring to, but Android (and iOS) add a lot of sandboxing to ensure that each application can only access its own files, can't access hardware willy-nilly (bluetooth, scanning wifi, etc), can only link against certain libraries, etc.

Imagine if Linux only let you run stuff from Flatpak, and if stuff didn't work in Flatpak then too bad for you. Most Linux users would hate it and it would be a mess a lot of the time, so, for user experience (UX) reasons, they don't do it. Android can get away with it because that's been the app paradigm for decades now.

reply
upvoteby 14 hours ago|
parent|
prev|
next
[-]
deleted
reply
upvoteby pjmlp15 hours ago|
prev|
[-]
Because Android is not Linux, as much as some pretend it is.

In fact, given the official public APIs, Google could replace the Linux kernel with a BSD, and userspace wouldn't notice, other than rooted devices, and the OEMs themselves baking their Android distro.

reply
upvoteby grosswait14 hours ago|
parent|
[-]
It absolutely is Linux, and yes the JVM could absolutely run on something else. But it is Linux and you can run Linux binaries directly on it - that just isn’t how it is used by end users.
reply
upvoteby akdev1l12 hours ago|
parent|
next
[-]
The JVM has nothing to do with Android. There is no JVM running android apps.

There was Dalvik VM at one point but now it’s just the Android Runtime.

reply
upvoteby pjmlp14 hours ago|
parent|
prev|
[-]
No you cannot, the NDK has a specific set of oficial APIS, and the Android team feels in the right to kill any application that doesn't follow the law of Android land.

Some folks like the termux rebels, occasionally find out there is a sherif in town.

> As documented in the Android N behavioral changes, to protect Android users and apps from unforeseen crashes, Android N will restrict which libraries your C/C++ code can link against at runtime. As a result, if your app uses any private symbols from platform libraries, you will need to update it to either use the public NDK APIs or to include its own copy of those libraries. Some libraries are public: the NDK exposes libandroid, libc, libcamera2ndk, libdl, libGLES, libjnigraphics, liblog, libm, libmediandk, libOpenMAXAL, libOpenSLES, libstdc++, libvulkan, and libz as part of the NDK API. Other libraries are private, and Android N only allows access to them for platform HALs, system daemons, and the like. If you aren’t sure whether your app uses private libraries, you can immediately check it for warnings on the N Developer Preview.

https://android-developers.googleblog.com/2016/06/improving-...

These stable APIs,

https://developer.android.com/ndk/guides/stable_apis

reply
upvoteby tadfisher13 hours ago|
parent|
next
[-]
What's amazing about Linux is that you don't have to use the system's libc, and you don't have to use dynamic linking.

That said, newer Androids use seccomp to restrict which syscalls you can use, basically to what bionic exposes anyway. This doesn't seem to affect Termux and friends, which can apparently run full X11 applications without root.

(edit) Notably, splice() is still callable, so maybe the POC needs to be tweaked...

reply
upvoteby pjmlp6 hours ago|
parent|
[-]
Yes, at which point it isn't GNU/Linux, rather something else built on top of the Linux kernel.

As for termux,

https://wiki.termux.com/wiki/Termux_Google_Play

reply
upvoteby stevenhuang14 hours ago|
parent|
prev|
next
[-]
That's all user space platform specifics, it has no relation to your previous statement where you said 'android is not linux'.

Someone can statically build a freestanding executable/so targetting arm64 linux (specifically the right android linux kernel version) and it will run fine on Android. The syscall interface, process model, file descriptors, signals, memory mapping, all of this is Linux, this is what people mean when they say Android is just Linux.

reply
upvoteby pjmlp6 hours ago|
parent|
[-]
Yes, exactly PlayStore isn't GNU/Linux, normies don't use ADB.
reply
upvoteby dzaima14 hours ago|
parent|
prev|
next
[-]
That's specific libraries, when using the default linker. You could construct that same behavior on desktop linux too. And you can avoid it equally well on Android - you can statically-link things just fine, you can use libraries you actually control, and presumably use a custom linker if desired. It's utterly non-surprising that "you run code you don't control" results in "said code...can do arbitrary things for unsupported use". (Never mind that, instead of a "sherif", they could've just renamed all private symbols, or just naturally replaced them over time, breaking your code all the same, just in a more confusing way)

Also some obligatory Linux vs GNU/Linux comment. (and it's not like GNU/Linux doesn't ever change under your feet - see the glibc DT_HASH debacle)

reply
upvoteby esseph14 hours ago|
parent|
prev|
next
[-]
https://www.androidpolice.com/google-support-linux-kernels-a...

Google relies on Linux LTS kernels. When the Linux LTS team dropped support from 6 years down to 2 years, Google stepped in to cover the 4-year gap.

It is Linux. It's basically a distro.

reply
upvoteby pjmlp6 hours ago|
parent|
[-]
When people say Linux they mean GNU/Linux.
reply
upvoteby cyphar5 hours ago|
parent|
next
[-]
In common parlance, yes -- because there is no practical distinction. But in cases where something is just using the Linux kernel without GNU and other common userpand components (and there is a practical distinction) then it's definitionally untrue to say that it's "not Linux" if you really meant to say "it's not GNU/Linux".
reply
upvoteby nonameiguess2 hours ago|
parent|
prev|
[-]
Alpine Linux is not using GNU. I'm sure there are others. No definition you can ever come up with will have no exceptions in widespread use. Live with it.
reply
upvoteby anthk12 hours ago|
parent|
prev|
[-]
- Waydroid

- Is totally Linux

reply