by void-star 4315 days ago
Well... how do you suppose the API gets at all the things? (not everything is done across IPC/binder, much is in process)
1 comments

The permission model in Android goes through the APIs. If you can bypass the API to go lower-level, then you're effectively giving up the security, and just waiting for some cool researcher (or attacker) to find ways to exploit them.

The above makes sense if you want to assume that you need /proc at least at some permission level. If you don't (which I think you don't), then it should simply be unmounted in the sandbox.

IPC is the standard way to get out of the sandbox, and should be used also for whatever features the APIs need /proc for.