[guardian-dev] vuln: malicious Android apps can bypass active VPN configuration

ShootAKite at riseup.net ShootAKite at riseup.net
Sat Jan 18 15:29:14 EST 2014

I don't have the proof of concept for the exploit so I'm speculating...
The fix to be a verification of the 3rd party UID for onBind() within
BIND_VPN_SERVICE before returning the IBinder

More information about the Guardian-dev mailing list