SELinux permissive
Opened this issue · 2 comments
SElinux is currently permissive due to a lack of working SELinux policies.
This is a problem, not only from a strict security standpoint, but from a usability one also. SafetyNet and Play Integrity API will not play nice with permissive kernels.
It is quite important to get this working in the near future. The ground work is there, just need working policies and a switch on in the kernel.
Some rules for 19.1 have been made, and on a Note 5 device, and allow the device to at least boot and function on wifi, mobile networks and such.
There are some issues though, like missing access to sensors among other things. But this is a WIP
Rules have been written and tested on an S6 for 18.1 and it works in my use case perfectly.
Calls work, GPS, sensors, audio, cameras, etc. Need to rollout fixes to S6e, S6e+, N5 and any other bugs and I think it will be good to port forward to 19.1 and 20