Android P restricts apps’ access to network activity information
Google has planned changes to the P version of Android, which indicate that it wants to restrict access to information about network activity by apps. In this way, the leakage of information must be tackled.
The addition to the AOSP was noticed by XDA Developers. The site writes that it is currently possible for Android apps to access information about network traffic without asking for special permissions. Then it is not about the content of that traffic, but about, for example, where the traffic goes and which apps connect to the internet at what time.
Google developer Jeffrey Vander Stoep writes in his description on the AOSP that his change is “the start of closing proc/net” because files in that folder give away information. According to XDA Developers, that folder contains information from the kernel about network activity and is accessible to all apps.
The AOSP description also states that the change, which takes place in the rules for SELinux, will look at which files apps are allowed to read, whitelist access, and otherwise deny access and a ‘secure api’ will take its place. For example, according to XDA Developers, this means that only certain VPN apps will be able to access files in the folder.
The changes would affect apps targeting api level 28 and above. In 2019, apps will be required to use that API level. The first preview of Android P, the successor to Oreo, came out in March.