Something went wrong on our end
-
Alex Klyubin authoredThis futher restricts neverallows for sockets which may be exposed as filesystem nodes. This is achieved by labelling all such sockets created by core/non-vendor domains using the new coredomain_socket attribute, and then adding neverallow rules targeting that attribute. This has now effect on what domains are permitted to do. This only changes neverallow rules. Test: mmm system/sepolicy Bug: 36577153 (cherry picked from commit cf2ffdf0) Change-Id: Iffeee571a2ff61fb9515fa6849d060649636524e
Alex Klyubin authoredThis futher restricts neverallows for sockets which may be exposed as filesystem nodes. This is achieved by labelling all such sockets created by core/non-vendor domains using the new coredomain_socket attribute, and then adding neverallow rules targeting that attribute. This has now effect on what domains are permitted to do. This only changes neverallow rules. Test: mmm system/sepolicy Bug: 36577153 (cherry picked from commit cf2ffdf0) Change-Id: Iffeee571a2ff61fb9515fa6849d060649636524e
hal_nfc_default.te 480 B