The Misuse of Android Unix Domain Sockets and Security Implications

Yuru Shao, Jason Ott, Yunhan Jack Jia, Zhiyun Qian, Z. Morley Mao
2016 Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security - CCS'16  
In this work, we conduct the first systematic study in understanding the security properties of the usage of Unix domain sockets by both Android apps and system daemons as an IPC (Inter-process Communication) mechanism, especially for cross-layer communications between the Java and native layers. We propose a tool called SInspector to expose potential security vulnerabilities in using Unix domain sockets through the process of identifying socket addresses, detecting authentication checks, and
more » ... rforming data flow analysis. Our in-depth analysis revealed some serious vulnerabilities in popular apps and system daemons, such as root privilege escalation and arbitrary file access. Based on our findings, we propose countermeasures and improved practices for utilizing Unix domain sockets on Android.
doi:10.1145/2976749.2978297 dblp:conf/ccs/ShaoOJQM16 fatcat:7pt3xrfbvfhhdiemch55goqpqa