-
Stephen Smalley authoredChange I6a2fb1279318625a80f3ea8e3f0932bdbe6df676 removed these permissions from domain.te and added them to specific domains as required. Remove the permissions from unconfineddomain as well so that they are only allowed where explicitly allowed. The earlier change already added the necessary permissions to init, kernel, and recovery so we do not need to add them here. Change-Id: Ifeb5438532a7525e64328e1c54b436e9b6f7fd3b Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>Stephen Smalley authoredChange I6a2fb1279318625a80f3ea8e3f0932bdbe6df676 removed these permissions from domain.te and added them to specific domains as required. Remove the permissions from unconfineddomain as well so that they are only allowed where explicitly allowed. The earlier change already added the necessary permissions to init, kernel, and recovery so we do not need to add them here. Change-Id: Ifeb5438532a7525e64328e1c54b436e9b6f7fd3b Signed-off-by:Stephen Smalley <sds@tycho.nsa.gov>