ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5594/xml/rule.adoc
Fred Tingaud 16f6c0aecf
Inline adoc when include has no additional value (#1940) 
Inline adoc files when they are included exactly once.

Also fix language tags because this inlining gives us better information
on what language the code is written in.
2023-05-25 14:18:12 +02:00

116 lines
3.9 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

== Why is this an issue?
Once an Android component has been exported, it can be used by attackers to
launch malicious actions and might also give access to other components
that are not exported.
As a result, sensitive user data can be stolen, and components can be launched
unexpectedly.
For this reason, the following components should be protected:
* Providers
* Activities
* Activity-aliases
* Services
To do so, it is recommended to either set `exported` to `false`, add
`android:readPermission` and `android:writePermission` attributes, or add a
`<permission>` tag.
**Warning**: When targeting Android versions lower than 12, the presence of intent filters will cause ``++exported++`` to be set to
``++true++`` by default.
If a component must be exported, use a `<permission>` tag and the
https://developer.android.com/guide/topics/manifest/permission-element#plevel[protection level]
that matches your use case and data confidentiality requirements. +
For example, https://developer.android.com/training/sync-adapters[Sync adapters]
should use a `signature` protection level to remain both exported **and** protected.
=== Noncompliant code example
The following components are vulnerable because permissions are undefined or
partially defined:
[source,xml]
----
<provider
android:authorities="com.example.app.Provider"
android:name="com.example.app.Provider"
android:exported="true"
android:readPermission="com.example.app.READ_PERMISSION" /> <!-- Noncompliant: write permission is not defined -->
----
[source,xml]
----
<provider
android:authorities="com.example.app.Provider"
android:name="com.example.app.Provider"
android:exported="true"
android:writePermission="com.example.app.WRITE_PERMISSION" /> <!-- Noncompliant: read permission is not defined -->
----
[source,xml]
----
<activity android:name="com.example.activity.Activity"> <!-- Noncompliant: permissions are not defined -->
<intent-filter>
<action android:name="com.example.OPEN_UI"/>
<category android:name="android.intent.category.DEFAULT"/>
</intent-filter>
</activity>
----
=== Compliant solution
If the component's capabilities or data are not intended to be shared with
other apps, its ``++exported++`` attribute should be set to ``++false++``:
[source,xml]
----
<provider
android:authorities="com.example.app.Provider"
android:name="com.example.app.Provider"
android:exported="false" />
----
Otherwise, implement permissions:
[source,xml]
----
<provider
android:authorities="com.example.app.Provider"
android:name="com.example.app.Provider"
android:exported="true"
android:readPermission="com.example.app.READ_PERMISSION"
android:writePermission="com.example.app.WRITE_PERMISSION" />
<activity android:name="com.example.activity.Activity"
android:permission="com.example.app.PERMISSION" >
<intent-filter>
<action android:name="com.example.OPEN_UI"/>
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
----
== Resources
* https://developer.android.com/guide/topics/providers/content-provider-creating#Permissions[developer.android.com] - Implementing content provider permissions
* https://mobile-security.gitbook.io/masvs/security-requirements/0x11-v6-interaction_with_the_environment[Mobile AppSec Verification Standard] - Platform Interaction Requirements
* https://owasp.org/www-project-mobile-top-10/2016-risks/m1-improper-platform-usage[OWASP Mobile Top 10 2016 Category M1] - Improper platform usage
* https://owasp.org/www-project-mobile-top-10/2016-risks/m2-insecure-data-storage[OWASP Mobile Top 10 2016 Category M2] - Insecure Data Storage
* https://cwe.mitre.org/data/definitions/926[MITRE, CWE-926] - Improper Export of Android Application Components
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
=== Message
Implement permissions on this exported component.
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink