You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »

(THIS CODING RULE OR GUIDELINE IS UNDER CONSTRUCTION)

This rule was developed in part by Robin Yuan at the October 20-22, 2017 OurCS Workshop (http://www.cs.cmu.edu/ourcs/register.html). 
For more information about this statement, see the About the OurCS Workshop page.

Chin, et al., [Chin 2011] says: "If a Service is exported and not protected with strong permissions, then any application can start and bind to the Service. Depending on the duties of a particular Service, it may leak information or perform unauthorized tasks. Services sometimes maintain singleton application state, which could be corrupted."

To guard against such eventualities, an exported service should always be protected with strong permissions.

Noncompliant Code Example

This noncompliant code example shows an exported service that is unprotected by permissions and which sends sensitive information when started by an arbitrary application:

TBD

Compliant Solution

This compliant solution shows the permissions set in the manifest that prevent the service shown in the noncompliant code example from being started by an inappropriate application:

TBD

Risk Assessment

Failing to protect an exported service with strong permissions may lead to sensitive data being revealed or to denial of service.

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

DRD07-J

High

Probable

Medium

P12

L1

Automated Detection

Automatic detection of an exported service is straightforward. It is not feasible to automatically determine whether appropriate permissions have been set in the manifest.

Related Vulnerabilities

  • CVE-2017-12816 In Kaspersky Internet Security for Android 11.12.4.1622, some of application exports activities have weak permissions

Related Guidelines

 CWE-926

Improper Export of Android Application Components

Bibliography

 


  • No labels