Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IPC Sandboxing #2278

Closed
jdspugh opened this issue Jun 26, 2023 · 1 comment
Closed

IPC Sandboxing #2278

jdspugh opened this issue Jun 26, 2023 · 1 comment

Comments

@jdspugh
Copy link

jdspugh commented Jun 26, 2023

To reproduce the situation (using Pixel 4, Android 13): I install Google Lens with networking off. The app asks for the Google app otherwise I can't continue. I install the Google app with networking disabled. Now I can run Google Lens, but network connectivity is disabled. I enable networking on the Google app. Now Google Lens can access the internet despite having the networking off still.

I assume Google Lens talks to the Google app through IPC and can access the internet through it. This means any app can access the internet via any other app that has internet connectivity if the apps agree on a common IPC protocol for doing this. I was going to use GBoard with networking off but now I see apps are not sandboxed between each other. IPC is still available. My keyboard strokes could well be being logged via the Google app to some servers.

Conclusion: Android's IPC needs to be sandboxed in GrapheneOS.
@Niko4u5
Copy link

Niko4u5 commented Jun 26, 2023

#2197 might be what you are looking for

@thestinger thestinger closed this as not planned Won't fix, can't repro, duplicate, stale Jun 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@thestinger @jdspugh @Niko4u5