    init.te: remove unactionable auditallow statements · 30707a45
    Nick Kralevich authored
    Commit 0d08d472 added two auditallow
    statements. The intended purpose of the auditallow statement was:
    
      auditallow accesses by init to files
      and character devices left in the generic device type so we can monitor
      what is being left there, although it is not necessarily a problem unless
      the file or device should be accessible to others.
    
    As currently written, the auditallow rules aren't actionable. It's not
    a problem by itself for init to access a /dev file or chr_file.
    Rather, we care about when other domains access such files.
    
    Currently, this generates a number of (expected) audit statements on
    boot, which causes unnecessary confusion and makes people believe
    that something is broken.
    
    Remove the unactionable auditallow statements.
    
    Change-Id: Ibfe33976505a7dc3f8d15c9eb203c044a39da426
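
As an added illustration (not part of the commit or of the project's own tooling), this sketch triages avc audit lines the way the message argues: records where init touches a file or chr_file in the generic device type are expected noise, while the same access from any other domain is worth a look. The type name `device`, the `example_daemon` domain and the sample log lines are assumptions constructed for the example.

```python
import re

# Assumption: the "generic device type" from the commit message is named `device`.
GENERIC_TYPE = "device"
WATCHED_CLASSES = {"file", "chr_file"}

AVC_RE = re.compile(
    r"avc:\s+(?P<result>granted|denied)\s+\{(?P<perms>[^}]*)\}"
    r".*?\bscontext=(?P<scontext>\S+)"
    r".*?\btcontext=(?P<tcontext>\S+)"
    r".*?\btclass=(?P<tclass>\S+)"
)

def selinux_type(context):
    """Return the type field of a user:role:type:level context, or None."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else None

def triage(lines):
    """Sort avc records that target the generic device type into
    (noise, actionable): init as the source is noise, any other domain is not."""
    noise, actionable = [], []
    for line in lines:
        m = AVC_RE.search(line)
        if not m or m["tclass"] not in WATCHED_CLASSES:
            continue
        if selinux_type(m["tcontext"]) != GENERIC_TYPE:
            continue  # file already has a specific label; not what we monitor
        source = selinux_type(m["scontext"])
        record = (source, m["tclass"], tuple(m["perms"].split()), m["result"])
        (noise if source == "init" else actionable).append(record)
    return noise, actionable

# Constructed sample lines (not taken from a real device).
SAMPLE = [
    'avc: granted { read write } for pid=1 comm="init" name="example0" '
    'scontext=u:r:init:s0 tcontext=u:object_r:device:s0 tclass=chr_file',
    'avc: granted { read } for pid=1 comm="init" name="example.cfg" '
    'scontext=u:r:init:s0 tcontext=u:object_r:device:s0 tclass=file',
    'avc: denied { open } for pid=812 comm="exampled" name="example0" '
    'scontext=u:r:example_daemon:s0 tcontext=u:object_r:device:s0 tclass=chr_file',
    'avc: granted { read } for pid=1 comm="init" name="example1" '
    'scontext=u:r:init:s0 tcontext=u:object_r:example_device:s0 tclass=chr_file',
]

if __name__ == "__main__":
    noise, actionable = triage(SAMPLE)
    print(f"{len(noise)} init records (expected), {len(actionable)} to review")
    for rec in actionable:
        print("review:", rec)
```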