When Google debuted Project Treble back in May, the big focus was on how it could potentially speed up the updates that Android manufacturers push to your phones. Google will attempt to modularize Android (Android O and beyond) in order to do this, but that modularization has also created another benefit – improved security.
Google detailed the security improvements in a blog post today that you should probably read because it’s all-up in the technicalness. I’ll do my best to summarize its parts here, though.
As a part of Project Treble, the Hardware Abstraction Layers (HAL) – the ones that “provides an interaction between device-agnostic code and device-specific hardware implementations” – are moved into their processes, essentially cutting them off from having access to other HALs, their drivers, and permissions that they don’t need access to. Google refers to this as the “principle of least privilege,” which is an idea that limits a process to only having access to the info that’s necessary for it to function.
Google provides an example of this change through Android’s system server. With Project Treble, they moved 20 HALs out of system server, like HALs for sensors, GPS, fingerprint, and WiFi, to make the system server less attractive to an attacker. Should someone compromise system server in the old setup, they’d be able to “gain privileged system permissions,” but not in Android O with Treble.
The bottom line is that Android O and Project Treble have modularized the operating system and the result is a more secure Android with parts that only have access to and talk to the parts they actually need to.
// Android Developers Blog