Ensure Proper Configuration for Running SELinux Policies on Android Devices
Question
A shipping company that is trying to eliminate entire classes of threats is developing an SELinux policy to ensure its custom Android devices are used exclusively for package tracking.
After compiling and implementing the policy, in which of the following modes must the company ensure the devices are configured to run?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
https://source.android.com/security/selinux/customize
The shipping company is developing an SELinux policy to ensure that their custom Android devices are used exclusively for package tracking. SELinux stands for Security-Enhanced Linux, which is a security module integrated into the Linux kernel. It provides a set of security rules to restrict the access of processes and users to the system resources such as files, devices, and network sockets.
The SELinux policy can be enforced in three modes: enforcing, permissive, and disabled. In enforcing mode, SELinux will enforce the security policy, and if any violation occurs, it will block the action and log the event. In permissive mode, SELinux will not block any action, but it will log the event. Disabled mode means that SELinux is not enforcing any policy.
In the given scenario, the shipping company wants to eliminate entire classes of threats and ensure that their custom Android devices are used exclusively for package tracking. Therefore, the devices must be configured to run in enforcing mode. This mode will ensure that any violation of the security policy will be blocked, and the event will be logged, thus providing a high level of security for the devices.
Therefore, the correct answer to the question is option C: Enforcing.