Fixing security vuln by tightening race condition window.
A proper fix for this feature requires reworking binder permission checking to take the selinux context and not the pid. This is feature work that should be done for P to properly fix these race conditions that occur elsewhere in the code. Bug: 68217699 Test: KeyStore keygen permissions cannot be bypassed through PID cycling Change-Id: I1ba5210010d6c413c9b1dbde3df0cc566400bfac Merged-In: I1ba5210010d6c413c9b1dbde3df0cc566400bfac (cherry picked from commit ef4f067c)
Loading
Please sign in to comment