English

SELint: an SEAndroid policy analysis tool

Cryptography and Security 2017-03-14 v3

Abstract

SEAndroid enforcement is now mandatory for Android devices. In order to provide the desired level of security for their products, Android OEMs need to be able to minimize their mistakes in writing SEAndroid policies. However, existing SEAndroid and SELinux tools are not very useful for this purpose. It has been shown that SEAndroid policies found in commercially available devices for multiple manufacturers contain mistakes and redundancies. In this paper we present a new tool, SELint, which aims to help OEMs to produce better SEAndroid policies. SELint is extensible and configurable to suit the needs of different OEMs. It is provided with a default configuration based on the AOSP SEAndroid policy, but can be customized by OEMs.

Keywords

Cite

@article{arxiv.1608.02339,
  title  = {SELint: an SEAndroid policy analysis tool},
  author = {Elena Reshetova and Filippo Bonazzi and N. Asokan},
  journal= {arXiv preprint arXiv:1608.02339},
  year   = {2017}
}

Comments

12 pages

R2 v1 2026-06-22T15:14:37.284Z