You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

34 lines
853 B

# shell-as
shell-as is a utility that can be used to execute a binary in a less privileged
security context. This can be useful for verifying the capabilities of a process
on a running device or testing PoCs with different privilege levels.
## Usage
The security context can either be supplied explicitly, inferred from a process
running on the device, or set to a predefined profile.
For example, the following are equivalent and execute `/system/bin/id` in the
context of the init process.
```shell
shell-as \
--uid 0 \
--gid 0 \
--selinux u:r:init:s0 \
--seccomp system \
/system/bin/id
```
```shell
shell-as --pid 1 /system/bin/id
```
The "untrusted-app" profile can be used to execute a binary with all the
possible privileges attainable by an untrusted app:
```shell
shell-as --profile untrusted-app /system/bin/id
```