Here is my simple flashable scriptbased sollution for change your SELinux status from permissive to enforced and vice versa.
Kernel with init.d support,of course root a installed busybox and terminal emulator on Android 4.3+ running device with custom recovery is needed.
What is SELinux and How Does it Benefit Android?
SELinux or Security-Enhanced Linux is a Linux kernel security module, which enables users to access and manage several control security policies. This module divides the compliance of security decisions from general security policies as a whole. Hence, the role of SELinux users is not actually related to the roles of the actual system users.
Basically, the system assigns a role, a username and a domain to the user. Therefore, while multiple users may share the same SELinux username, the access control is managed via the domain, which is configured by different policies. These policies usually include specific instructions and permissions, which the user must possess to gain access to the system. A typical policy is made up of a mapping or labeling file, a rule file and an interface file. These files are combined with the SELinux tools provided, to form one single file policy. The said file is then loaded into the kernel, in order to make it active.
What is SE Android?
Project SE Android or Security Enhancements for Android came into existence in order to address critical gaps in Android security. Basically using SELinux in Android, it aims to create secure apps. This project, however, is not limited to SELinux.
SE Android is SELinux; used within its own mobile operating system. It aims to ensure the security of apps in isolated environments. Hence, it clearly defines the actions that apps can take within its system; thereby denying access not stipulated in the policy.
While Android 4.3 was the first to enable SELinux support, Android 4.4 aka KitKat is the very first release to actually work on enforcing SELinux and put it into action. Hence, you can add in a SELinux-supported kernel into Android 4.3, if you are only looking to work with its core functionality. But under Android KitKat, the system has a built-in global enforcement mode.
SE Android greatly enhanced security, as it limits unauthorized access and prevents data leaking out from apps. While Android 4.3 includes SE Android, it does not enable it by default. However, with the emergence of Android 4.4, it is likely that the system will be enabled by default and will automatically include various utilities to enable system administrators to manage various security policies within the platform.
Just flash the zip
After this reboot and go to terminal emulator and type following command
to change the SELinux status to "Permissive":
Now its show this,sorry its german,but moderat means permissive.
-----AND FOR ENFORCING-----
Type following command to change
the SELinux status to "Enforcing":
Now its show this,sorry its german,but strikt means enforcing.
ITS WORKING AND STICK EVEN AFTER REBOOT,NO EXTRA APP
NEEDED TO CHANGE YOUR SELinux Status.
GREEEEETZ FROM TEAM-OPTIMA!!!!!!!