Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
briar
briar
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 693
    • Issues 693
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 16
    • Merge Requests 16
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • briar
  • briarbriar
  • Issues
  • #1507

Closed
Open
Opened Mar 19, 2019 by Torsten Grote@groteOwner

API 29: TorPlugin does not start

On Android Q, calling exec() on writable application files is a W^X violation and represents an unsafe application practice, because apps with vulnerabilities can be exploited to download code and execute it. We currently extract the Tor and obfsproxy binaries into our writeable app data dir, so we are affected by this policy change.

It should still be possible to package the binaries into the application's native libs directory and enable android:extractNativeLibs=true (is enabled by default), and then call exec() on the read-only /data/app artifacts. A similar approach is done with the wrap.sh functionality, documented at https://developer.android.com/ndk/guides/wrap-script#packaging_wrapsh .

Additionally, please be aware that executables executed via exec() are not managed according to the Android process lifecycle, and generally speaking, exec() is discouraged from Android applications. While not Android documentation, https://stackoverflow.com/questions/16179062/using-exec-with-ndk covers this in some detail. Relying on exec() may be problematic in future Android versions.

Fixing this, might make #1278 a lot easier.

Assignee
Assign to
Android 1.2
Milestone
Android 1.2
Assign milestone
Time tracking
None
Due date
None
Reference: briar/briar#1507