Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Android Security Features

Avatar for Dave Smith Dave Smith
November 09, 2016
Programming
4
700

Android Security Features

Overview of the core platform elements that make up the Android security model for applications.

Avatar for Dave Smith

Dave Smith

November 09, 2016
Tweet

More Decks by Dave Smith

See All by Dave Smith
ConstraintLayout, Inside and Out
Avatar for Dave Smith devunwired
21
1.7k
Digging Into Android System Services
Avatar for Dave Smith devunwired
8
1.6k
Flattening Layouts with Constraints
Avatar for Dave Smith devunwired
3
290
Hello, Brillo: ELC Edition
Avatar for Dave Smith devunwired
0
250
Mastering CoordinatorLayout Behaviors
Avatar for Dave Smith devunwired
16
1.4k
Hello, Brillo
Avatar for Dave Smith devunwired
1
2.1k
Google Proximity Beacons Overview
Avatar for Dave Smith devunwired
4
230
Proximity Beacons and the Nearby API
Avatar for Dave Smith devunwired
1
1.9k
Getting Your Act Together with CoordinatorLayout
Avatar for Dave Smith devunwired
7
480

Other Decks in Programming

See All in Programming
私の後悔をAWS DMSで解決した話
Avatar for 平目 hiramax
4
210
Ruby×iOSアプリ開発 ~共に歩んだエコシステムの物語~
Avatar for Tomoki Kobayashi temoki
0
320
Improving my own Ruby thereafter
Avatar for monochrome sisshiki1969
1
160
ファインディ株式会社におけるMCP活用とサービス開発
Avatar for starfish719 starfish719
0
1.4k
The Past, Present, and Future of Enterprise Java
Avatar for ivargrimstad ivargrimstad
0
370
Oracle Database Technology Night 92 Database Connection control FAN-AC
Avatar for oracle4engineer oracle4engineer
PRO
1
440
2025 年のコーディングエージェントの現在地とエンジニアの仕事の変化について
Avatar for azukiazusa azukiazusa1
24
12k
JSONataを使ってみよう Step Functionsが楽しくなる実践テクニック #devio2025
Avatar for dafujii dafujii
1
530
Ruby Parser progress report 2025
Avatar for yui-knk yui_knk
1
440
Tool Catalog Agent for Bedrock AgentCore Gateway
Avatar for matsukada licux
6
2.5k
Updates on MLS on Ruby (and maybe more)
Avatar for sylph01 sylph01
1
180
The Past, Present, and Future of Enterprise Java with ASF in the Middle
Avatar for ivargrimstad ivargrimstad
0
110

Featured

See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
162
15k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
23
1.4k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
3
620
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.7k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
Avatar for Irina Nazarova irinanazarova
8
920
A Tale of Four Properties
Avatar for Chris Coyier chriscoyier
160
23k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.7k
BBQ
Avatar for Matthew Crist matthewcrist
89
9.8k
It's Worth the Effort
Avatar for 3n 3n
187
28k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4k
[RailsConf 2023] Rails as a piece of cake
Avatar for Vladimir Dementyev palkan
57
5.8k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
46
7.6k

Transcript

  1. Android Security Features Dave Smith, PE @devunwired

  2. App Code Sandbox Encryption Permissions

  3. App Code

  4. App Manifest Compiled Code Resources Signature Info Application Package (APK)

  5. App Manifest Compiled Code Resources Signature Info Application Package (APK)

    Authenticate Developer Identity Prevent APK Tampering

  6. JAR Signer Hash Files Hash Hashes Sign w/ Private Key

    APK Signature

  7. JAR Signer APK Signature Hash Files Hash Hashes Sign w/

    Private Key Hash 1MB Chunks Sign w/ Private Key Hash Hashes

  8. Sandbox

  9. Application Sandbox Process Isolation Unique App UID SELinux Domains

  10. # ps USER PID PPID ... NAME ... system 1723

    1240 ... com.android.settings u0_a10 1803 1240 ... android.ext.services u0_a32 1824 1240 ... com.android.deskclock u0_a1 1896 1240 ... android.process.acore u0_a55 1914 1240 ... com.android.printspooler u0_a13 1942 1240 ... com.android.launcher3 system 1974 1240 ... com.android.keychain u0_a8 2000 1240 ... android.process.media u0_a26 2064 1240 ... com.android.calendar u0_a66 2096 1240 ... com.android.quicksearchbox u0_a67 2123 1240 ... com.android.messaging u0_a6 2189 1240 ... com.android.dialer u0_a35 2209 1240 ... com.android.email u0_a65 2229 1240 ... com.android.gallery3d

  11. # ps USER PID PPID ... NAME ... system 1723

    1240 ... com.android.settings u0_a10 1803 1240 ... android.ext.services u0_a32 1824 1240 ... com.android.deskclock u0_a1 1896 1240 ... android.process.acore u0_a55 1914 1240 ... com.android.printspooler u0_a13 1942 1240 ... com.android.launcher3 system 1974 1240 ... com.android.keychain u0_a8 2000 1240 ... android.process.media u0_a26 2064 1240 ... com.android.calendar u0_a66 2096 1240 ... com.android.quicksearchbox u0_a67 2123 1240 ... com.android.messaging u0_a6 2189 1240 ... com.android.dialer u0_a35 2209 1240 ... com.android.email u0_a65 2229 1240 ... com.android.gallery3d

  12. # cd /data/data/com.android.launcher3 # ls -l total 24 drwxrwx--x 2

    u0_a13 u0_a13 4096 2016-09-15 22:23 cache drwxrwx--x 2 u0_a13 u0_a13 4096 2016-09-15 22:23 databases drwxrwx--x 2 u0_a13 u0_a13 4096 2016-11-01 22:13 shared_prefs # cd /data/data/ # ls -l ... drwxr-x--x 6 u0_a6 u0_a6 4096 2016-09-15 22:23 com.android.dialer drwxr-x--x 6 u0_a35 u0_a35 4096 2016-09-15 22:23 com.android.email drwxr-x--x 5 u0_a13 u0_a13 4096 2016-09-15 22:23 com.android.launcher3

  13. $ ps -Z LABEL USER ... NAME ... u:r:system_app:s0 system

    ... com.android.settings u:r:platform_app:s0:c512,c768 u0_a10 ... android.ext.services u:r:untrusted_app:s0:c512,c768 u0_a32 ... com.android.deskclock u:r:priv_app:s0:c512,c768 u0_a1 ... android.process.acore u:r:untrusted_app:s0:c512,c768 u0_a55 ... com.android.printspooler u:r:priv_app:s0:c512,c768 u0_a13 ... com.android.launcher3 u:r:system_app:s0 system ... com.android.keychain u:r:priv_app:s0:c512,c768 u0_a8 ... android.process.media u:r:untrusted_app:s0:c512,c768 u0_a26 ... com.android.calendar u:r:untrusted_app:s0:c512,c768 u0_a66 ... com.android.quicksearchbox u:r:platform_app:s0:c512,c768 u0_a67 ... com.android.messaging u:r:priv_app:s0:c512,c768 u0_a6 ... com.android.dialer u:r:untrusted_app:s0:c512,c768 u0_a35 ... com.android.email u:r:untrusted_app:s0:c512,c768 u0_a65 ... com.android.gallery3d

  14. Data Encryption + Verified Boot

  15. Disk Encryption Encrypts All Writable Data No Passcode Required /data

    dm-crypt Android

  16. Verified Boot Halt Boot on Error Protect Runtime Reads /system

    dm-verity Android Hash System Blocks

  17. Permissions

  18. <manifest package="com.android.browser">
 …
 <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
 …


    </manifest>

  19. <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 package="android">
 ... 
 <permission android:name="android.permission.INTERNET"
 android:description="@string/permdesc_createNetworkSockets"
 android:label="@string/permlab_createNetworkSockets"
 android:protectionLevel="normal"

    />
 ...
 <permission android:name="android.permission.ACCESS_FINE_LOCATION"
 android:permissionGroup="android.permission-group.LOCATION"
 android:label="@string/permlab_accessFineLocation"
 android:description="@string/permdesc_accessFineLocation"
 android:protectionLevel="dangerous" />
 ...
 </manifest> frameworks/base/core/res/AndroidManifest.xml

  20. <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 package="android">
 ... 
 <permission android:name="android.permission.INTERNET"
 android:description="@string/permdesc_createNetworkSockets"
 android:label="@string/permlab_createNetworkSockets"
 android:protectionLevel="normal"

    />
 ...
 <permission android:name="android.permission.ACCESS_FINE_LOCATION"
 android:permissionGroup="android.permission-group.LOCATION"
 android:label="@string/permlab_accessFineLocation"
 android:description="@string/permdesc_accessFineLocation"
 android:protectionLevel="dangerous" />
 ...
 </manifest> frameworks/base/core/res/AndroidManifest.xml

  21. Permissions Enforcement Kernel Groups Binder IPC

  22. <permissions>
 …
 <permission name="android.permission.INTERNET" >
 <group gid="inet" />
 </permission>
 …


    </permissions> …
 #define AID_INET 3003 /* can create AF_INET and AF_INET6 sockets */
 …
 static const struct android_id_info android_ids[] = {
 …
 { "inet", AID_INET, },
 …
 };
 … frameworks/base/data/etc/platform.xml system/core/include/private/android_filesystem_config.h

  23. # ps | grep browser u0_a17 2276 1212 ... com.android.browser

    # cat /proc/2276/status Name: android.browser State: S (sleeping) Tgid: 2276 Pid: 2276 PPid: 1212 TracerPid: 0 Uid: 10017 10017 10017 10017 Gid: 10017 10017 10017 10017 FDSize: 256 Groups: 3003 9997 50017 ...

  24. Application System Server Manager Service Binder IPC

  25. Application System Server Manager Service Binder IPC Binder.getCallingUid() Binder.getCallingPid()

  26. Vibrator vib = (Vibrator) getSystemService(VIBRATOR_SERVICE);
 vib.vibrate(500); public class VibratorService extends

    IVibratorService.Stub {
 …
 public void vibrate(int uid, String packageName, long milliseconds, IBinder token) {
 if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.VIBRATE)
 != PackageManager.PERMISSION_GRANTED) {
 throw new SecurityException("Requires VIBRATE permission");
 }
 …
 }
 …
 }

  27. public class VibratorService extends IVibratorService.Stub {
 …
 public void vibrate(int

    uid, String packageName, long milliseconds, IBinder token) {
 if (mContext.checkCallingOrSelfPermission(android.Manifest.permission.VIBRATE)
 != PackageManager.PERMISSION_GRANTED) {
 throw new SecurityException("Requires VIBRATE permission");
 }
 …
 }
 …
 } Vibrator vib = (Vibrator) getSystemService(VIBRATOR_SERVICE);
 vib.vibrate(500);

  28. Protect code integrity Prohibit unauthorized access Preserve data integrity Provide

    user control

  29. @devunwired +DaveSmithDev milehighandroid.com wiresareobsolete.com