I have an Android app with some C code that uses the link(2) system call to create a hard link to an existing file. When I execute the app on Android 5.0.2, this part of the app works. When I execute the exact same app on an Android-M device the link() system call returns -1 "permission denied".
I notice in my log getting messages like this:
09-02 17:10:34.222 5291 5291 W ona.crackerjack: type=1400 audit(0.0:59): avc: denied { link } for name="fixed28" dev="mmcblk0p28" ino=82829 scontext=u:r:untrusted_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c512,c768 tclass=lnk_file permissive=0
This message appears nearby my app's log message that link() returned -1 "permission denied", sometimes earlier, sometimes later.
Is creating a hard link considered unsecure? I notice the "scontext=u:r:untrusted_app". Is there a way to make the app trusted and if so, would that let the link() system call work?
It looks like this is "by design".
At https://code.google.com/p/android-developer-preview/issues/detail?id=3150 , a member of the project explains that:
Apparently there are new SELinux rules, which forbid making hard links (or maybe accessing the folder or file).
Normal users cannot alter SELinux rules and even with root permissions this is not straightforward.
More on SELinux: https://source.android.com/devices/tech/security/selinux/