Xamarin 应用程序沙箱中的全局可读可写 __override__ 目录
World readable writable __override__ directory in Xamarin application sandbox
任何人都可以阐明 Xamarin 在应用程序沙箱中创建的 __override__ 文件夹的指定吗?事实证明,它是世界可读可写的,这会导致安全检查出现问题。我已经在库存设备上针对生产应用程序对其进行了测试并得到以下信息:
shell@m0:/data/data/com.myapp/files/.__override__ $ mkdir testdir
shell@m0:/data/data/com.myapp/files/.__override__ $ echo "content" >> testfile
shell@m0:/data/data/com.myapp/files/.__override__ $ ls
testdir
testfile
shell@m0:/data/data/com.myapp/files/.__override__ $
有什么方法可以删除此文件夹或使其与其他应用程序沙盒文件夹一样受到保护?
这是 5.1 之前 Xamarin.Andriod 中的一个已知漏洞。
使用 Xamarin.Android 5.1 或更高版本 发布模式[=30 重建/重新部署您的应用=].
当前版本:
- 稳定:
- Xamarin.Android6.0.1
- Alpha 预览版 2 – Cycle 6 Service Release 1
- Xamarin.Android6.0.1.5
Xamarin for Android <5.1 DLL Hijack Vulnerability From: ValdikSS Date: Tue, 19 May 2015 16:49:51 +0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Xamarin for Android prior to version 5.1 allows to replace internal
DLL files inside the APK with files on SD card which are not in a
secure storage. Malicious application without any special permissions
could drop backdoored DLL files into
/storage/sdcard0/Android/data/app_id/files/.override/
and the victim application would use files from SD. Not just the main
application library could be hijacked, but also Xamarin's System.dll
and Mono.Android.dll, which are shipped in all Xamarin for Android
applications.
Developers should rebuild their applications using Xamarin for Android
5.1 or newer in the release mode.
This vulnerability was found by accident, which allowed me to eat for
free for a month.
Timeline:
03.04.2015 Vulnerability is found
07.04.2015 Message sent to Xamarin
08.04.2015 Xamarin acknowledged the vulnerability
29.04.2015 Fixed stable version released
-----BEGIN PGP SIGNATURE-----
已直接询问 Xamarin 支持,事实证明这是一个回归错误,将通过进一步更新修复:https://bugzilla.xamarin.com/show_bug.cgi?id=37422
任何人都可以阐明 Xamarin 在应用程序沙箱中创建的 __override__ 文件夹的指定吗?事实证明,它是世界可读可写的,这会导致安全检查出现问题。我已经在库存设备上针对生产应用程序对其进行了测试并得到以下信息:
shell@m0:/data/data/com.myapp/files/.__override__ $ mkdir testdir
shell@m0:/data/data/com.myapp/files/.__override__ $ echo "content" >> testfile
shell@m0:/data/data/com.myapp/files/.__override__ $ ls
testdir
testfile
shell@m0:/data/data/com.myapp/files/.__override__ $
有什么方法可以删除此文件夹或使其与其他应用程序沙盒文件夹一样受到保护?
这是 5.1 之前 Xamarin.Andriod 中的一个已知漏洞。
使用 Xamarin.Android 5.1 或更高版本 发布模式[=30 重建/重新部署您的应用=].
当前版本:
- 稳定:
- Xamarin.Android6.0.1
- Alpha 预览版 2 – Cycle 6 Service Release 1
- Xamarin.Android6.0.1.5
Xamarin for Android <5.1 DLL Hijack Vulnerability From: ValdikSS Date: Tue, 19 May 2015 16:49:51 +0300
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
Xamarin for Android prior to version 5.1 allows to replace internal DLL files inside the APK with files on SD card which are not in a secure storage. Malicious application without any special permissions could drop backdoored DLL files into
/storage/sdcard0/Android/data/app_id/files/.override/
and the victim application would use files from SD. Not just the main application library could be hijacked, but also Xamarin's System.dll and Mono.Android.dll, which are shipped in all Xamarin for Android applications.
Developers should rebuild their applications using Xamarin for Android 5.1 or newer in the release mode.
This vulnerability was found by accident, which allowed me to eat for free for a month.
Timeline: 03.04.2015 Vulnerability is found 07.04.2015 Message sent to Xamarin 08.04.2015 Xamarin acknowledged the vulnerability 29.04.2015 Fixed stable version released
-----BEGIN PGP SIGNATURE-----
已直接询问 Xamarin 支持,事实证明这是一个回归错误,将通过进一步更新修复:https://bugzilla.xamarin.com/show_bug.cgi?id=37422