asked 2014-01-28 11:12:07 +0300
Hi,
are there any plans to support SELInux or something similar in the Android environment of the phone? I know sticking to native apps helps a lot but sometimes Android Apps are needed (because of the business where you work and so on).
Or are there any other ways without shell hacking to prevent Android apps from getting locations, calendar and phonebook?
answered 2019-04-14 10:24:17 +0300
This is officially back in Jolla plan. See for example: https://git.merproject.org/mer-core/dbus/merge_requests/5 No info as of when though
answered 2015-05-06 17:41:01 +0300
Yes! SELinux is considered as an option for SFOS roadmap.
answered 2019-04-13 22:58:04 +0300
Bumping this, because I had been experimenting with trying to get libvirt/libcrypt/virsh going on my X, and finally got everything built and installed, including selinux-tools, selinux-policy, etc., but eventually found out that I can't get SELinux enabled, (I guess it has to be built into the kernel?), so running any virsh command gives 'illegal instruction' error. The link above, in lakutalo's answer, is dead, so:
https://www.kernel.org/doc/Documentation/security/LSM.txt
tortoisedoc ( 2019-04-13 23:20:20 +0300 )editThis is the first time I read that libvirt depends on SELinux ... and I remember having run libvirt on non-SELinux systems a couple of years ago. "Illegal instruction" sounds a lot more like a binary not being built specifically for the target platform, or an operating system not having a specific trap handler for some feature (like FP emulation).
Maus ( 2019-04-13 23:23:31 +0300 )editI see, thanks ... I don't really know a lot abot it, I thought I was just putting 2 and 2 together... I built libcrypt and libvirt on the phone, so they should be ok, but I installed a couple of selinux rpms that I found on the internet. Maybe they're the problem.
Levone1 ( 2019-04-13 23:32:06 +0300 )edit@tortoisedoc - the info in that link is a little over my head... for one, though, I don't have /sys/kernel/security directory... Is it saying that you can add or modify files there to enable or disable modules, or is it saying that the files there just show which modules are built into the kernel? And what is the program that you would use the "security=..." kernel command line argument to override the kernel configs, is it sepolicy, or...? Thanks
Levone1 ( 2019-04-13 23:40:17 +0300 )edit@Maus - I just remembered that I got some configure or make error about build type, so i used 'build type armeabi...' or something... I guess maybe that could be it. (I jist realized that you said libvirt has nothing to do w/ selinux, so probably not those rpms)
Levone1 ( 2019-04-14 00:00:27 +0300 )editAsked: 2014-01-28 11:12:07 +0300
Seen: 777 times
Last updated: Aug 01 '19
