Privilege Escalation I

Loading...

Del curso dictado por Vanderbilt University

Engineering Maintainable Android Apps

95 calificaciones

Vanderbilt University

Engineering Maintainable Android Apps

95 calificaciones

Curso 4 de 5 en SpecializationAndroid App Development

Engineering Maintainable Android Apps, which is a 4 week MOOC that shows by example various methods for engineering maintainable Android apps, including test-driven development methods and how to develop/run unit tests using JUnit and Robotium (or equivalent automated testing frameworks for Android), as well as how to successfully apply common Java/Android software patterns to improve the extensibility and clarity of Android apps. Students will work on the appropriate automated unit quizzes, based on the material covered in the lecture videos. These lessons will demonstrate the benefits of good software engineering practices that are targeted at creating maintainable code for mobile apps. There will be roughly 3-4 hours of student engagement time per week, including video lectures, and quizzes. The ordering of the modules within the course is designed to be flexible. In particular, students can watch the videos in whatever order suits their experience and needs, e.g., they may want to watch the unit testing videos prior to the software pattern videos if they prefer to learn about unit testing first.

De la lección

Security & Sustainability II

This module provides an introduction to Unit Testing using the Junit 4.0 Framework in Android, as well as an introduction to Testing Frameworks using the Robotium open-source test framework for writing graybox testing cases to automate the testing of multi-Activity Android apps.

Traditional App Accounts3:15

Traditional vs. Mobile App Accounts5:28

App Account Mapping to Linux Users4:45

Apps Lie & Steal4:23

How Android Protects Apps13:52

What Android Does Not Protect14:20

The Challenges of Secure Coding2:48

Security Vulnerability Walkthrough7:30

The iRemember App Example3:38

Privilege Escalation I5:40

Privilege Escalation II4:07

Privilege Escalation III6:22

Course Wrap-up13:59

Conoce a los instructores

Dr. Douglas C. Schmidt
Professor of Computer Science and Associate Chair of the Computer Science and Engineering Program
Electrical Engineering and Computer Science
Michael Walker
Instructor - Graduate Student pursuing PhD in Computer Science
EECS
Dr. C. Jules White
Assistant Professor of Computer Science
Electrical Engineering and Computer Science

[MUSIC]

Let's talk about some new stories that have been out on the internet about

different security issues that we've seen with some production apps.

These are some pretty big name apps that have had security issues, and

we don't write apps that have these same flaws.

Now the specific type of flaw we're going to look at in this case,

is called a privilege escalation.

Now you may say,

well I would never write an app that would accidentally have this flaw.

But, the reality is, these are very subtle mistakes that developers make,

where they don't realize the ramifications of the decisions they're making,

particularly when they let other apps talk to their app

in order to access services within their app.

It's very easy to make mistakes to

accidentally break things like the permissions model on Android.

Now, you may say I'll never do that.

Let's show you how you could accidentally and

inadvertently do something like this with the iRemember app.

Let's talk about two services that we could extend the iRemember app with.

That might seem benign and very helpful to other apps on the device, but

that we can actually show we'll create a security issue on the device.

So let's talk about these two services that we're going to extend the iRemember

app with, and then use as an example of poor security.

So the first one is we decide that we'd like to be able to share

stories via an intent.

So that other apps that allow you to compose a story, and

maybe attach a photo to a story can simply send an intent to this service.

So they'll send an intent, and that intent will have a story,

plus a photo, and then the service will go off and

share that story and that photo that the other app sent to us.

Now, let's further assume that, you know, to be really flexible,

we decide that we want to create a version of the iRemember app

that can share stories and photos to different servers on the Internet.

So, we don't want to control all of the iRemember servers,

we want to have, maybe, iRemember servers that are for Vanderbilt University, or

a set of iRemember servers that are for the University of Maryland.

Because we want to be able to have different sets of stories and

photographs depending on the location.

And we decide we don't want to centrally manage all that information.

So one of the things that we could do on this intent

is we could allow it to also include the URL

of the server that we want to share that story in that photo with.

And then what we would do is actually when this intent gets sent to this service to

share the story and photo, it would go off and would access the internet.

And do the actual share force by sending it to that server.

Now this seems like a very benign thing, but as we'll show in a second here this

actually opens up a security hole in Android's permissions model.

Now let's look at our second service that we're going to add.

So let's say for example that we decided that we want to be able to attach photos

to the stories in iRemember.

But attach photos that aren't necessarily locally stored on the device.

So we want the user to be able to type in a URL of a photo to share.

Maybe it's a photo that's stored on Facebook's servers or

Google+'s servers or somewhere else.

So we want to give the ability for a user to specify an arbitrary URL.

And then we want to create a service that will automatically go and

fetch that photo from the Internet and download it to the local disk.

And then return a file descriptor, or URI,

specifying where that photo was downloaded to.

But, since we're already going in and creating a capability to allow other apps

to share stories and photos, why don't we go ahead and just expose this service to

download arbitrary photos from the internet as an intent service, as well.

Similarly we'll allow apps to send to this service and

intent, and in that intent we will have the URL

of the photo that we want to go and collect from the internet.

The service will go an access the internet, it'll download that file

And then it will return to this original service,

the file that was downloaded, a location of that file that was downloaded.

Again this seems like a helpful service, to that we could have our app,

the iRemember app exposed to other apps on the device.

So that it makes it easier for them to share photos and stories.

But in both cases, we'll actually see that we're doing something

inadvertently that's breaking Android's permissions model.

One of the things to remember is that for both of these to work we're going to

have to add the uses permission to iRemember for internet.

Now we've already probably got it there for

the capabilities that we were exposing iRemember but we have to remember that we

have internet permissions in order for all of this to work.

Explora nuestro catálogo

Inscríbete de manera gratuita y obtén recomendaciones personalizadas, actualizaciones y ofertas.

Coursera brinda acceso universal a la mejor educación del mundo, al asociarse con las mejores universidades y organizaciones, para ofrecer cursos en línea.

© 2018 Coursera Inc. Todos los derechos reservados.

Descargar en la App Store

Consíguelo en Google Play