Analysis of SEAndroid Policies: Combining MAC and DAC in Android
Android has become a dominant computing platform, and its popularity has coincided with a surge of malware. The incorporation of SEAndroid has been one of the most important security enhancements to the platform. While SEAndroid adds the mandatory protection benefits that SELinux brought to desktops and servers, the protection is only as good as the policy. Existing Android devices contain a wide variety of SEAndroid policies, depending on both the version of Android and the device manufacturer. In this paper, we present a systematic approach to understand SEAndroid policies and their problem areas. We apply our approach to four different versions of the Android Open Source Project (AOSP) as well as devices from seven different manufacturers. In all of these policies, we found trends that lead to unintentional privilege assignments (e.g., compositional privileges and coarse object types). More importantly, these trends identify a new approach for analyzing, comparing, and discussing SEAndroid policies that will greatly benefit future policy versions.