Along with the various user-facing features added in Android 4.4 KitKat, Google significantly bolstered the overall security of the platform with a number of key changes. Among other things, one of the key changes related to SELinux, which was previously introduced in Android 4.3. Android 4.4, however, shifted the SELinux status from Permissive to Enforce Mode.
To quote our security expert Pulser_G2 on the matter:
SELinux in Enforce Mode
In Android 4.4, SELinux has moved from running in permissive mode (which simply logs failures), into enforcing mode. SELinux, which was introduced in Android 4.3, is a mandatory access control system built into the Linux kernel, in order to help enforce the existing access control rights (i.e.permissions), and to attempt to prevent privilege escalation attacks (i.e. an app trying to gain root access on your device).
While this is largely a good thing for the general population, this security enhancement hasn’t been without its own share of issues. For example, it has broken some root-enabled applications such as the previously covered Ultimate Dynamic Navbar.
In order to allow users to easily toggle between SELinux modes, XDA Senior Member MrBIMC created the aptly titled SELinuxModeChanger app. The application (obviously) requires root access. Once given, the app allows you to toggle the SELinux status with but a single click. Once you’ve made your choice, a script will execute on boot to change the mode to what you have selected.
Naturally, the app only works on devices with SELinux. In other words, this is only meant for devices running Android 4.3 Jelly Bean or 4.4 KitKat. Of note, however, this does not yet work with Samsung KNOX-enabled devices. However, this is currently being worked on.
If you wish to easily change your SELinux mode and you’re not running a KNOX-enabled ROM, make your way over to the application thread and give this app a try._________
Join us for xda:devcon 2014. For a limited time, XDA Portal readers get 20% off registration!