| ▲ | miduil 3 hours ago |
| This again does not work under Android, at least in termux compiled with clang/gcc. |
|
| ▲ | jeroenhd 18 minutes ago | parent | next [-] |
| The exploit as posted contains x86 shellcode, so you'd need to drop in the appropriate shellcode to test if it really works. Android wasn't vulnerable the last time, so far it's been a shining beacon of hope for proper SELinux configuration that I wish was more widely available in other places. |
|
| ▲ | staticassertion 3 hours ago | parent | prev | next [-] |
| I assume because the rxrpc module is not loaded / provided and because unprivileged user namespaces are not allowed, which should be sufficient to mitigate. Curious if someone else has more details though. |
|
| ▲ | ronsor 3 hours ago | parent | prev | next [-] |
| Android has a lot of hardening and sandboxing that desktop Linux doesn't (and won't for UX reasons). |
| |
| ▲ | __float an hour ago | parent | next [-] | | > desktop Linux doesn't (and won't for UX reasons) Can you elaborate? | | |
| ▲ | akdev1l 29 minutes ago | parent | next [-] | | A very comprehensive SELinux deployment for one. SELinux will stop any process in android from loading kernel modules, that’s not allowed. The android permission model as a whole is ultimately backed by SELinux. | |
| ▲ | danudey 42 minutes ago | parent | prev [-] | | Not sure what specifically they're referring to, but Android (and iOS) add a lot of sandboxing to ensure that each application can only access its own files, can't access hardware willy-nilly (bluetooth, scanning wifi, etc), can only link against certain libraries, etc. Imagine if Linux only let you run stuff from Flatpak, and if stuff didn't work in Flatpak then too bad for you. Most Linux users would hate it and it would be a mess a lot of the time, so, for user experience (UX) reasons, they don't do it. Android can get away with it because that's been the app paradigm for decades now. |
| |
| ▲ | miduil 3 hours ago | parent | prev | next [-] | | Yes, it demonstrates that it's possible to harden well - at least for some cases. It appears depending on the environment hardened kernel / runtime environments are pretty much possible to have safeguards working today already. | |
| ▲ | 2 hours ago | parent | prev [-] | | [deleted] |
|
|
| ▲ | pjmlp 3 hours ago | parent | prev [-] |
| Because Android is not Linux, as much as some pretend it is. In fact, given the official public APIs, Google could replace the Linux kernel with a BSD, and userspace wouldn't notice, other than rooted devices, and the OEMs themselves baking their Android distro. |
| |
| ▲ | grosswait 3 hours ago | parent [-] | | It absolutely is Linux, and yes the JVM could absolutely run on something else. But it is Linux and you can run Linux binaries directly on it - that just isn’t how it is used by end users. | | |
| ▲ | akdev1l 26 minutes ago | parent | next [-] | | The JVM has nothing to do with Android. There is no JVM running android apps. There was Dalvik VM at one point but now it’s just the Android Runtime. | |
| ▲ | pjmlp 2 hours ago | parent | prev [-] | | No you cannot, the NDK has a specific set of oficial APIS, and the Android team feels in the right to kill any application that doesn't follow the law of Android land. Some folks like the termux rebels, occasionally find out there is a sherif in town. > As documented in the Android N behavioral changes, to protect Android users and apps from unforeseen crashes, Android N will restrict which libraries your C/C++ code can link against at runtime. As a result, if your app uses any private symbols from platform libraries, you will need to update it to either use the public NDK APIs or to include its own copy of those libraries. Some libraries are public: the NDK exposes libandroid, libc, libcamera2ndk, libdl, libGLES, libjnigraphics, liblog, libm, libmediandk, libOpenMAXAL, libOpenSLES, libstdc++, libvulkan, and libz as part of the NDK API. Other libraries are private, and Android N only allows access to them for platform HALs, system daemons, and the like. If you aren’t sure whether your app uses private libraries, you can immediately check it for warnings on the N Developer Preview. https://android-developers.googleblog.com/2016/06/improving-... These stable APIs, https://developer.android.com/ndk/guides/stable_apis | | |
| ▲ | tadfisher an hour ago | parent | next [-] | | What's amazing about Linux is that you don't have to use the system's libc, and you don't have to use dynamic linking. That said, newer Androids use seccomp to restrict which syscalls you can use, basically to what bionic exposes anyway. This doesn't seem to affect Termux and friends, which can apparently run full X11 applications without root. (edit) Notably, splice() is still callable, so maybe the POC needs to be tweaked... | |
| ▲ | stevenhuang 2 hours ago | parent | prev | next [-] | | That's all user space platform specifics, it has no relation to your previous statement where you said 'android is not linux'. Someone can statically build a freestanding executable/so targetting arm64 linux (specifically the right android linux kernel version) and it will run fine on Android. The syscall interface, process model, file descriptors, signals, memory mapping, all of this is Linux, this is what people mean when they say Android is just Linux. | |
| ▲ | dzaima 2 hours ago | parent | prev | next [-] | | That's specific libraries, when using the default linker. You could construct that same behavior on desktop linux too. And you can avoid it equally well on Android - you can statically-link things just fine, you can use libraries you actually control, and presumably use a custom linker if desired. It's utterly non-surprising that "you run code you don't control" results in "said code...can do arbitrary things for unsupported use". (Never mind that, instead of a "sherif", they could've just renamed all private symbols, or just naturally replaced them over time, breaking your code all the same, just in a more confusing way) Also some obligatory Linux vs GNU/Linux comment. (and it's not like GNU/Linux doesn't ever change under your feet - see the glibc DT_HASH debacle) | |
| ▲ | esseph 2 hours ago | parent | prev | next [-] | | https://www.androidpolice.com/google-support-linux-kernels-a... Google relies on Linux LTS kernels. When the Linux LTS team dropped support from 6 years down to 2 years, Google stepped in to cover the 4-year gap. It is Linux. It's basically a distro. | |
| ▲ | anthk 34 minutes ago | parent | prev [-] | | - Waydroid - Is totally Linux |
|
|
|
