Android Security Model


Overview

Android system architecture

  • Linux kernel
  • Native userspace
  • Dalvik/ART VM
  • Java runtime libraries
  • System Services
  • Android framework libraries

Android App components

  • Activities
  • Services
  • Content providers
  • Broadcast receivers

timfeng@11:48:39:~/android-src $adb shell service list
Found 99 services:
0   carrier_config: [com.android.internal.telephony.ICarrierConfigLoader]
1   phone: [com.android.internal.telephony.ITelephony]
2   isms: [com.android.internal.telephony.ISms]
3   iphonesubinfo: [com.android.internal.telephony.IPhoneSubInfo]
4   simphonebook: [com.android.internal.telephony.IIccPhoneBook]
5   isub: [com.android.internal.telephony.ISub]
...

Android's security model

  • Application Sandboxing
  • Permissions
  • IPC
  • Code Signing and platform keys
  • Multi-User Support
  • SELinux
  • System update OTA
  • Verified boot

Permissions

timfeng@15:19:52:~/tmp $adb shell pm list permissions
All Permissions:

permission:android.permission.REAL_GET_TASKS
permission:android.permission.ACCESS_CACHE_FILESYSTEM
permission:android.permission.REMOTE_AUDIO_PLAYBACK
permission:android.permission.INTENT_FILTER_VERIFICATION_AGENT
...

Copyright © FengGuangtu 2017