This repository was archived by the owner on Nov 24, 2024. It is now read-only.
File tree Expand file tree Collapse file tree 2 files changed +40
-1
lines changed Expand file tree Collapse file tree 2 files changed +40
-1
lines changed Original file line number Diff line number Diff line change 11droidbuild_module (){
22 LOCAL_PATH=$( dirname $BASH_SOURCE )
33 info " Updating valord SEPolicy"
4- exec cp $LOCAL_PATH $BASEDIR /system/sepolicy/private
4+ exec cp $LOCAL_PATH /sepolicy/valord.te $BASEDIR /system/sepolicy/private/
55 success " Updating valord SEPolicy"
66}
Original file line number Diff line number Diff line change 1+ # Valor
2+ Valor is a very simple run-time checker of executable
3+ files. It may be used for preventing harmful processes from operating
4+ on Android device.
5+
6+ In future it is planned to extend it possibilities also to
7+ blocking IP addresses with help of modified netd or directly by
8+ interacting with ` iptables ` .
9+
10+ # Installation
11+ A [ build.sh] ( https://github.com/Andrewerr/build.sh ) is a available for installing
12+ it with help of ` adb root ` , though it is not recommend as the daemon if over-priviliged
13+ then. It is better to integrate the daemon with your custom ROM.
14+
15+ # Integration
16+ As ` valord ` scans app files it needs extended access to the system which
17+ is protected by a set of ` neverallow ` and ` mls ` rules in order to integrate
18+ it with you ROM you would need patch your SEPolicy(see patch in ` patches/ ` folder).
19+ Here are commits associated with integration of SEPolicy to LineageOS 20.0-based PolarMod 1.3 ROM:
20+ * [ Patch neverallows] ( https://github.com/LineageOS/android_system_sepolicy/commit/4543fae09219b0cc092d84faf6fbecabaa2badc2 )
21+ * [ Add SEPolicy] ( https://github.com/LineageOS/android_system_sepolicy/commit/172a314614f59ebe2b47886147ab3b41500ea799 )
22+
23+ # Creating database
24+ The CMakeLists.txt are provided to generate threat database. Currently it is not inteded to be a big one.
25+ In order to create your database build ` dbgen ` utility and then use it to create database:
26+ ``` bash
27+ ./dbgen --db valor.db --name mythreat --filename threat-executable-file
28+ ```
29+
30+ You may continue adding threats with this command.
31+
32+ ## Using database
33+ By default the database is searched in local directory(see ` Android.mk ` )
34+ though you may override ` valor.db ` module and copy from you own place.
35+
36+ # Future plans
37+ * New algorithm of hashsum checking
38+ * By-name process database
39+ * Firewall set-up
You can’t perform that action at this time.
0 commit comments