Hi,
I’m trying to come up with a proof of concept to set file capabilities on Android. The capability support on Android is limited — not all APIs in the libcap2 package for Linux seem to exist.
Are all Linux-defined file capabilities supported on Android, including security? If so, how do I do the equivalent of getcap and setcap once I adb-shell into the device? The goal really is to build a simple program (for example, an executable that allows the user to change uid to root via CAP_SETUID) using the SDK/NDK tools.
Thank you for the help.
---
$ ./a.out setuid.c
The capability version:429392688
------- The capability test begins ! --------------------
listxattr: Success
The size of the attribute list for file setuid.c is:33
YES!, There are attributes associated with the file: setuid.c
The extended attribute name is:security.capability
The extended attribute name is:user.comment
* On an x86 Android device:
1) The file run-as possesses the CAP_SETUID and CAP_SETGID capabilities, as per a reply to this post by Nick Kralevich.
/system/bin # listAttr run-as
listAttr run-as
The capability version:429392688
------- The capability test begins ! --------------------
listxattr: Success
The size of the attribute list for file run-as is:0
No!, There aren't any attributes associated with the file: run-as
/system/bin #
The same is not listed in the program output. In the output there is no attribute belonging to the security.capability sub-domain, which was the expected output.
2) The file test.txt possesses the extended attribute in the user.comment sub-domain.
/system/bin # listAttr /data/data/testdir/test.txt
listAttr /data/data/testdir/test.txt
The capability version:429392688
------- The capability test begins ! --------------------
listxattr: Success
The size of the attribute list for file /data/data/testdir/test.txt is:13
YES!, There are attributes associated with the file: /data/data/testdir/test.txt
The extended attribute name is:user.comment
/system/bin #
The same is listed in the program output, which is the expected output.
#################################################
Conclusion:
#################################################
These two examples make it clear that there is some problem in querying for the "security.capability" sub-domain on a device. It doesn't behave as expected.
Regards,
Akhil
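
An added example, not code from this thread: a minimal getcap-style reader that asks for security.capability by name with getxattr() instead of enumerating names with listxattr(), then decodes the value using the Linux on-disk vfs_cap_data layout (revisions 1 to 3). The names decode_fcaps, struct fcaps and SAMPLE are hypothetical, and the sample bytes are constructed; run it with no argument to decode the sample, or with a file path to query that file.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/xattr.h>

#define REV_MASK 0xFF000000u /* VFS_CAP_REVISION_MASK */
#define FLAG_EFF 0x00000001u /* VFS_CAP_FLAGS_EFFECTIVE */

struct fcaps { int rev, effective; uint64_t permitted, inheritable; };

/* Constructed sample value: revision 2, effective flag set,
 * CAP_SETGID (bit 6) and CAP_SETUID (bit 7) permitted. */
static const unsigned char SAMPLE[20] = { 0x01, 0, 0, 0x02, 0xC0 };

/* Read a little-endian 32-bit word regardless of host byte order. */
static uint32_t le32(const unsigned char *p) {
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Decode a raw security.capability value; 0 on success, -1 if malformed. */
int decode_fcaps(const unsigned char *buf, size_t len, struct fcaps *out) {
    if (len < 4) return -1;
    uint32_t magic = le32(buf);
    int rev = (int)((magic & REV_MASK) >> 24);
    size_t words = (rev == 1) ? 1 : (rev == 2 || rev == 3) ? 2 : 0;
    size_t need = 4 + 8 * words + (rev == 3 ? 4 : 0); /* rev 3 appends rootid */
    if (words == 0 || len != need) return -1;
    out->rev = rev;
    out->effective = (magic & FLAG_EFF) != 0;
    out->permitted = out->inheritable = 0;
    for (size_t i = 0; i < words; i++) {
        out->permitted   |= (uint64_t)le32(buf + 4 + 8 * i) << (32 * i);
        out->inheritable |= (uint64_t)le32(buf + 8 + 8 * i) << (32 * i);
    }
    return 0;
}

int main(int argc, char **argv) {
    unsigned char buf[64];
    const unsigned char *val = SAMPLE;
    ssize_t n = sizeof SAMPLE;
    struct fcaps c;
    if (argc == 2) { /* query the attribute by name, not via listxattr */
        n = getxattr(argv[1], "security.capability", buf, sizeof buf);
        if (n < 0) { perror("getxattr security.capability"); return 1; }
        val = buf;
    }
    if (decode_fcaps(val, (size_t)n, &c) != 0) { fprintf(stderr, "malformed value\n"); return 1; }
    printf("rev=%d effective=%d permitted=0x%llx inheritable=0x%llx\n", c.rev, c.effective,
           (unsigned long long)c.permitted, (unsigned long long)c.inheritable);
    return 0;
}
```

If getxattr() fails, the errno text printed by perror() distinguishes an absent attribute from an unsupported or denied query, which the listxattr() output above cannot show.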