Hi all,

as you may know, there is a "quadRooter" exploit for most of the available Android devices.

https://www.checkpoint.com/downloads/resources/quadRooter-vulnerability-research-report.pdf

Among other things, it can be exploited because it is possible to disable SELinux (page 10).

After years of using FreeBSD and securing them, I was astonished when I saw someone disabling SELinux for the first time. How could that be?

I am used to securelevels in FreeBSD, see security(7),

"The kernel runs with five different security levels. Any super-user process can raise the level, but no process can lower it."
chflags(1) is used to harden access to files; with security level 1 or higher it is not possible to alter them either (in contrast to SELinux, where I can change the security contexts of files on a running SELinux-hardened system).

The current exploit is a fine example of why this kind of approach is needed. No process should be able to disarm a hardened system.

Linux containers do not seem to give too much additional security, so it is always recommended to use SELinux to increase the security.

It sometimes feels like a "better than nothing" trap, giving a false sense of security.

Should SELinux be reworked so that disarming is not possible?

Regards
Peter
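
Added example, not part of the original post: a shell check that reports whether SELinux on a Linux host can still be switched off by a request through selinuxfs, which is the property the post compares with FreeBSD securelevels. It assumes the loaded policy defines the secure_mode_policyload boolean (the SELinux reference policy does); the function name, the state labels and the path prefix argument are hypothetical.

```shell
#!/bin/sh
# Added example: classify how easily SELinux can be switched off at runtime.
# $1 is an optional path prefix so the check can run against a constructed
# tree; on a live host call the function with no argument.
selinux_lock_state() {
    root="${1:-}"
    fs="$root/sys/fs/selinux"
    cmdline="$root/proc/cmdline"

    # selinuxfs not mounted: SELinux is disabled or not built into the kernel.
    if [ ! -r "$fs/enforce" ]; then
        echo "disabled"
        return 0
    fi

    # enforce = 0 is permissive mode: denials are logged but not applied.
    if [ "$(cat "$fs/enforce")" != "1" ]; then
        echo "permissive"
        return 0
    fi

    # enforcing=0 on the kernel command line: the host boots permissive and
    # was switched to enforcing later, so a reboot undoes the hardening.
    if [ -r "$cmdline" ] && grep -Eq '(^| )enforcing=0( |$)' "$cmdline"; then
        echo "enforcing-boot-override"
        return 0
    fi

    # Assumption: the policy defines secure_mode_policyload. When set, the
    # policy stops allowing policy loads, enforcing-mode changes and boolean
    # changes until the next reboot. The file holds "<current> <pending>".
    bool="$fs/booleans/secure_mode_policyload"
    cur=0
    if [ -r "$bool" ]; then
        read -r cur _pending < "$bool" || true
    fi

    if [ "$cur" = "1" ]; then
        echo "enforcing-locked"      # one-way until reboot, for selinuxfs requests
    else
        echo "enforcing-unlocked"    # a permitted domain can still setenforce 0
    fi
}
```

Run `selinux_lock_state` with no argument on a live host; "enforcing-locked" is the closest SELinux state to a raised securelevel, and it covers only requests made through selinuxfs.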