Skip to content
Snippets Groups Projects
Select Git revision
  • android-7.1.2_r28_klist
  • master default protected
  • pie-cts-release
  • pie-vts-release
  • pie-cts-dev
  • oreo-mr1-iot-release
  • sdk-release
  • oreo-m6-s4-release
  • oreo-m4-s12-release
  • pie-release
  • pie-r2-release
  • pie-r2-s1-release
  • oreo-vts-release
  • oreo-cts-release
  • oreo-dev
  • oreo-mr1-dev
  • pie-gsi
  • pie-platform-release
  • pie-dev
  • oreo-cts-dev
  • android-o-mr1-iot-release-1.0.4
  • android-9.0.0_r8
  • android-9.0.0_r7
  • android-9.0.0_r6
  • android-9.0.0_r5
  • android-8.1.0_r46
  • android-8.1.0_r45
  • android-n-iot-release-smart-display-r2
  • android-vts-8.1_r5
  • android-cts-8.1_r8
  • android-cts-8.0_r12
  • android-cts-7.1_r20
  • android-cts-7.0_r24
  • android-o-mr1-iot-release-1.0.3
  • android-cts-9.0_r1
  • android-8.1.0_r43
  • android-8.1.0_r42
  • android-n-iot-release-smart-display
  • android-p-preview-5
  • android-9.0.0_r3
40 results

zygote.te

  • Stephen Smalley's avatar
    356f4be6
    Restrict requesting contexts other than policy-defined defaults. · 356f4be6
    Stephen Smalley authored
    
    Writing to the /proc/self/attr files (encapsulated by the libselinux
    set*con functions) enables a program to request a specific security
    context for various operations instead of the policy-defined defaults.
    The security context specified using these calls is checked by an
    operation-specific permission, e.g. dyntransition for setcon,
    transition for setexeccon, create for setfscreatecon or
    setsockcreatecon, but the ability to request a context at all
    is controlled by a process permission.  Omit these permissions from
    domain.te and only add them back where required so that only specific
    domains can even request a context other than the default defined by
    the policy.
    
    Change-Id: I6a2fb1279318625a80f3ea8e3f0932bdbe6df676
    Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
    356f4be6
    History
    Restrict requesting contexts other than policy-defined defaults.
    Stephen Smalley authored
    
    Writing to the /proc/self/attr files (encapsulated by the libselinux
    set*con functions) enables a program to request a specific security
    context for various operations instead of the policy-defined defaults.
    The security context specified using these calls is checked by an
    operation-specific permission, e.g. dyntransition for setcon,
    transition for setexeccon, create for setfscreatecon or
    setsockcreatecon, but the ability to request a context at all
    is controlled by a process permission.  Omit these permissions from
    domain.te and only add them back where required so that only specific
    domains can even request a context other than the default defined by
    the policy.
    
    Change-Id: I6a2fb1279318625a80f3ea8e3f0932bdbe6df676
    Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>