pjford / droidwall

Automatically exported from code.google.com/p/droidwall
0 stars 0 forks source link

Apps can bypass droidwalls whitelist if started before droidwall upon boot #235

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?

For more information: 
http://androidunderground.blogspot.com/2011/06/lookout-opens-unwanted-data-conne
ctions.html

What is the expected output? What do you see instead?

I expect the default mode for IPTABLES to be DROP instead of ACCEPT even for 
the brief moment before droidwall has successfully started up upon boot.

Please provide any additional information below.

Since root is needed (in order to use droidwall) it would be nice if droidwall 
could create some sort of script that is runned before any app is allowed to 
start (when the device boots up) so that the default (when whitelist is 
enabled) would be something like:

# Policy for chains DROP everything.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP

This would stop the leakage described in the url above.

Original issue reported on code.google.com by apac...@gmail.com on 28 Jan 2012 at 10:46

GoogleCodeExporter commented 8 years ago
init.d ?

Original comment by axel.how...@yopmail.com on 31 Jan 2012 at 12:18

GoogleCodeExporter commented 8 years ago
(there is already an issue like this hidden somewhere)

this is NOT a droidwall defect

Original comment by axel.how...@yopmail.com on 31 Jan 2012 at 12:25