1
0
mirror of https://github.com/PrivSec-dev/privsec.dev synced 2024-12-23 05:11:34 -05:00

More pictures

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-07-18 07:54:51 -04:00
parent 0c45101f0c
commit 732c92703d
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
3 changed files with 4 additions and 0 deletions

View File

@ -62,6 +62,8 @@ End users should be using the production `user` builds, and any distributions th
Unfortunately, many custom Android-based operating system builds (especially unofficial LineageOS builds) disables SELinux or set it into permissive mode. You can check whether SELinux is in enforcing mode or not by executing `getenforce` in the ADB shell (the expected output is `Enforcing`). You should avoid any Android-based operating system builds that do not have SELinux in enforcing mode at all cost.
![ADB SELinux](/adb-selinux.png)
## Good Android-Based Operating Systems
Currently, I am only aware of two Android-based operating systems that should be used over the stock operating systems:
@ -75,6 +77,8 @@ For usability purposes, GrapheneOS supports [Sandboxed Google Play](https://grap
Recently, GrapheneOS has also added the [Storage Scopes](https://grapheneos.org/usage#storage-access) feature, allowing you to limit what legacy apps which still use the old storage API can access. With this new feature, you no longer have to grant certain apps access to all of your media or files to use them anymore.
![VLC Storage Scopes](/vlc-storage-scopes.png)
Currently, Google Pixel phones are the only devices that meet GrapheneOS's [hardware security requirements](https://grapheneos.org/faq#device-support).
### DivestOS

BIN
static/adb-selinux.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 264 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 433 KiB