Android Oreo updates: changes in how shared memory is handled

OWASP / owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

https://mas.owasp.org/

Creative Commons Attribution Share Alike 4.0 International

11.46k stars 2.26k forks source link

Android Oreo updates: changes in how shared memory is handled #945

Open commjoen opened 5 years ago

commjoen commented 5 years ago

With Android Oreo, the way you can handle shared memory (Securely) has changed. time to udpate the MSTG! https://developer.android.com/about/versions/oreo/android-8.1 Let's check the platform interaction section & data storage section.

commjoen commented 4 years ago

Describe:

what does it do?
how should it be used securely?
what is wrong to do with these api's? - e.g.: what should you be looking for in terms of insecurities?