-
Stephen Smalley authoredOtherwise we have different security contexts but the same DAC permissions: -rw-rw-rw- root root u:object_r:sysfs_writable:s0 process_name -rw-rw-rw- root root u:object_r:sysfs:s0 state -rw-rw-rw- root root u:object_r:sysfs:s0 symbol This change fixes denials such as: type=1400 msg=audit(1379096020.770:144): avc: denied { write } for pid=85 comm="SurfaceFlinger" name="symbol" dev="sysfs" ino=47 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:sysfs:s0 tclass=file Change-Id: I261c7751da3778ee9241ec6b5476e8d9f96ba5ed Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>Stephen Smalley authoredOtherwise we have different security contexts but the same DAC permissions: -rw-rw-rw- root root u:object_r:sysfs_writable:s0 process_name -rw-rw-rw- root root u:object_r:sysfs:s0 state -rw-rw-rw- root root u:object_r:sysfs:s0 symbol This change fixes denials such as: type=1400 msg=audit(1379096020.770:144): avc: denied { write } for pid=85 comm="SurfaceFlinger" name="symbol" dev="sysfs" ino=47 scontext=u:r:surfaceflinger:s0 tcontext=u:object_r:sysfs:s0 tclass=file Change-Id: I261c7751da3778ee9241ec6b5476e8d9f96ba5ed Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>