Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,811,541 Members 54,065 Now Online
XDA Developers Android and Mobile Development Forum

(4.3+) SWITCH-SCRIPT-CHANGE SELinux STATUS EASY - TEAM-OPTIMA

Tip us?
 
-CALIBAN666-
Old
#1  
-CALIBAN666-'s Avatar
Recognized Contributor - OP
Thanks Meter 3,369
Posts: 5,612
Join Date: Feb 2012
Location: Leverkusen
Arrow (4.3+) SWITCH-SCRIPT-CHANGE SELinux STATUS EASY - TEAM-OPTIMA


Here is my simple flashable scriptbased sollution for change your SELinux status from permissive to enforced and vice versa.
Kernel with init.d support,of course root a installed busybox and terminal emulator on Android 4.3+ running device with custom recovery is needed.

------
What is SELinux and How Does it Benefit Android?
------
SELinux or Security-Enhanced Linux is a Linux kernel security module, which enables users to access and manage several control security policies. This module divides the compliance of security decisions from general security policies as a whole. Hence, the role of SELinux users is not actually related to the roles of the actual system users.

Basically, the system assigns a role, a username and a domain to the user. Therefore, while multiple users may share the same SELinux username, the access control is managed via the domain, which is configured by different policies. These policies usually include specific instructions and permissions, which the user must possess to gain access to the system. A typical policy is made up of a mapping or labeling file, a rule file and an interface file. These files are combined with the SELinux tools provided, to form one single file policy. The said file is then loaded into the kernel, in order to make it active.


What is SE Android?

Project SE Android or Security Enhancements for Android came into existence in order to address critical gaps in Android security. Basically using SELinux in Android, it aims to create secure apps. This project, however, is not limited to SELinux.

SE Android is SELinux; used within its own mobile operating system. It aims to ensure the security of apps in isolated environments. Hence, it clearly defines the actions that apps can take within its system; thereby denying access not stipulated in the policy.

While Android 4.3 was the first to enable SELinux support, Android 4.4 aka KitKat is the very first release to actually work on enforcing SELinux and put it into action. Hence, you can add in a SELinux-supported kernel into Android 4.3, if you are only looking to work with its core functionality. But under Android KitKat, the system has a built-in global enforcement mode.

SE Android greatly enhanced security, as it limits unauthorized access and prevents data leaking out from apps. While Android 4.3 includes SE Android, it does not enable it by default. However, with the emergence of Android 4.4, it is likely that the system will be enabled by default and will automatically include various utilities to enable system administrators to manage various security policies within the platform.

------
1.
Just flash the zip

After this reboot and go to terminal emulator and type following command
to change the SELinux status to "Permissive":


su (enter)
selinux_off (enter)


Now its show this,sorry its german,but moderat means permissive.


-----AND FOR ENFORCING-----

Type following command to change
the SELinux status to "Enforcing":


su (enter)
selinux_on (enter)


Now its show this,sorry its german,but strikt means enforcing.

------
ITS WORKING AND STICK EVEN AFTER REBOOT,NO EXTRA APP
NEEDED TO CHANGE YOUR SELinux Status.
------
GREEEEETZ FROM TEAM-OPTIMA!!!!!!!
Attached Files
File Type: zip SELinux SWITCH-SCRIPT.zip - [Click for QR Code] (150.6 KB, 11 views)
The Following 2 Users Say Thank You to -CALIBAN666- For This Useful Post: [ Click to Expand ]
 
F4uzan
Old
#2  
F4uzan's Avatar
Recognized Contributor
Thanks Meter 1,448
Posts: 2,666
Join Date: Jul 2012
Location: Bandung, Indonesia
Great work bro !
Looking to this once but can't find it
| F4uzan | Optima Team
------------------------------------



The Following User Says Thank You to F4uzan For This Useful Post: [ Click to Expand ]
 
giaki3003
Old
#3  
giaki3003's Avatar
Senior Member
Thanks Meter 56
Posts: 145
Join Date: Jun 2014
Now this is a very useful script:beer::beer:

Sent from my LG-E400 using XDA Free mobile app
The Following User Says Thank You to giaki3003 For This Useful Post: [ Click to Expand ]
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes