WAI
Status Update
No update yet.
Comments
am...@google.com
Please provide sample project or apk to reproduce the issue. Also mention the steps to be followed for reproducing the issue with the given sample project or apk.
am...@google.com
Thank you for your interest in the Android Q Beta.
We apologize for the undocumented change in Android Q. The documentation will be corrected in a future release.
The change to block exec() on application data files for targetAPI >= Q is working-as-intended. Please seehttps://android-review.googlesource.com/c/platform/system/sepolicy/+/804149 for background on this change. Calling exec() on writable application files is a W^X (https://en.wikipedia.org/wiki/W%5EX ) violation and represents an unsafe application practice. Executable code should always be loaded from the application APK.
While exec() no longer works on files within the application home directory, it continues to be supported for files within the read-only /data/app directory. In particular, it should be possible to package the binaries into your application's native libs directory and enable android:extractNativeLibs=true, and then call exec() on the /data/app artifacts. A similar approach is done with the wrap.sh functionality, documented athttps://developer.android.com/ndk/guides/wrap-script#packaging_wrapsh .
Additionally, please be aware that executables executed via exec() are not managed according to the Android process lifecycle, and generally speaking, exec() is discouraged from Android applications. While not Android documentation,https://stackoverflow.com/questions/16179062/using-exec-with-ndk covers this in some detail. Relying on exec() may be problematic in future Android versions.
Again, thank you for your interest in the Android Q Beta and this feedback.
We apologize for the undocumented change in Android Q. The documentation will be corrected in a future release.
The change to block exec() on application data files for targetAPI >= Q is working-as-intended. Please see
While exec() no longer works on files within the application home directory, it continues to be supported for files within the read-only /data/app directory. In particular, it should be possible to package the binaries into your application's native libs directory and enable android:extractNativeLibs=true, and then call exec() on the /data/app artifacts. A similar approach is done with the wrap.sh functionality, documented at
Additionally, please be aware that executables executed via exec() are not managed according to the Android process lifecycle, and generally speaking, exec() is discouraged from Android applications. While not Android documentation,
Again, thank you for your interest in the Android Q Beta and this feedback.
ta...@gmail.com
So as I understand you are planning to remove exec() in near future essentially making Android no better, or probably even worse than iOS. Essentially this means you are killing all of server apps, terminal apps like termux, ... . Yes I know that binaries packed in APK can be used, but how long till that is removed, a year?
za...@gmail.com
Primay sever
al...@gmail.com
Hash: SHA512
-----BEGIN PGP SIGNATURE-----
iQHBBAEBCgArJBxhbGkgYWxvb29vb3NoIDxhbGk1NTA2OTRAZ21haWwuY29tPgUC
XKRNIwAKCRDBnEiYpQQQDDi4DAC8fZqidlQoJ4QFKtkH4JSLYaXv+22REwa8lDG6
6Xz4PO6FGC8EfjNjTeOYpQUqgB7ukzk0fUI9JHXYJ7kky7yHWpB8loI0sL2pxnEU
B3IB3j6kJVO1E2+EsK0cw5Q05K+0ePrvvhiRoChPkqm+3WQn5q5ABpIV7OFgFvUO
LgvlEG0SmT696qc9l4OYUgAH9rN1K/odfqNE8jw83VToSU/9l5lWFNkXjY2DElmN
gJKldo+InqpQ+oPMJBFsRMzp1b7jg8F6OaVTqcZbxTIo+y5MHF9WadSzCanVFL9D
sHeDsKZ19TXDgAz5+Uw/8ZQo3aALvdmQ8CZ+lwgaQj+Po0Y8e1h7180h+r2j5YnJ
0J5cK3zsSuVx+tVzvd4ewUxt/ntfixLJt0zZYn21yXS49oHD1HznE4ZkrO2O6Amb
p0OfkFrneaRMR0y4RMlV0SvReey0gMUDCwPtOxUPs3QpPyW/qkEqPpwnW9+JUzQE
qDSPih/kRdLRguMvLmUmSbvBiis=
=SS92
-----END PGP SIGNATURE-----<a href="//
Description
QPP1.190205.018.B3
* Is this a regression from P to Q?
Yes, worked on P, doesn't work on Q, change is undocumented.
* What device are you using? (for example, Pixel XL)
Emulator
* What are the steps to reproduce the problem? (Please provide the minimal reproducible test case.)
Try to run a binary from the apps private data dir (e.g. /data/data/<pkg/files).
* Issue Category e.g. Framework (platform), NDK (platform), Hardware (CPU, GPU, Sensor, Camera), ART (platform), Runtime Permissions etc
Framework (platform) / SELinux, Policy
* What was the expected result?
That I can run the binary.
* What was the actual result?
sh: <stdin>[31]: ./data/user/0/<pkg>/files/toybox: Permission denied
* Relevant logcat output.
W/sh: type=1400 audit(0.0:6585): avc: denied { execute_no_trans } for path="/data/data/eu.thedarken.sdm/files/toybox_sdm" dev="vdc" ino=115932 scontext=u:r:untrusted_app:s0:c110,c256,c512,c768 tcontext=u:object_r:app_data_file:s0:c110,c256,c512,c768 tclass=file permissive=0
* Link to captured Android bug report (shared privately in Drive.)
Previous APIs seem to have this explicitly enabled, but it's missing for API29?
Being allowed to execute your own binaries, e.g. a toybox is necessary for a lot of apps.