Something went wrong on our end
Select Git revision
system_server.te
-
Stephen Smalley authored
The bugs that motivated bringing back the unlabeled allowall rules, https://android-review.googlesource.com/#/c/94971/ should be resolved by the following changes: https://android-review.googlesource.com/#/c/94966/ https://android-review.googlesource.com/#/c/96080/ Beyond those changes, installd needs to be able to remove package directories for apps that no longer exist or have moved (e.g. to priv-app) on upgrades, so allow it the permissions required for this purpose. vold needs to be able to chown/chmod/restorecon files in asec containers so allow it the permissions to do so. system_server tries to access all /data/data subdirectories so permit it to do so. installd and system_server read the pkg.apk file before it has been relabeled by vold and therefore need to read unlabeled files. Change-Id: I70da7d605c0d037eaa5f3f5fda24f5e7715451dc Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
Stephen Smalley authoredThe bugs that motivated bringing back the unlabeled allowall rules, https://android-review.googlesource.com/#/c/94971/ should be resolved by the following changes: https://android-review.googlesource.com/#/c/94966/ https://android-review.googlesource.com/#/c/96080/ Beyond those changes, installd needs to be able to remove package directories for apps that no longer exist or have moved (e.g. to priv-app) on upgrades, so allow it the permissions required for this purpose. vold needs to be able to chown/chmod/restorecon files in asec containers so allow it the permissions to do so. system_server tries to access all /data/data subdirectories so permit it to do so. installd and system_server read the pkg.apk file before it has been relabeled by vold and therefore need to read unlabeled files. Change-Id: I70da7d605c0d037eaa5f3f5fda24f5e7715451dc Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
incident_helper.te 614 B
typeattribute incident_helper coredomain;
type incident_helper_exec, exec_type, file_type;
# switch to incident_helper domain for incident_helper command
domain_auto_trans(incidentd, incident_helper_exec, incident_helper)
# use pipe to transmit data from/to incidentd/incident_helper for parsing
allow incident_helper { shell incident incidentd }:fd use;
allow incident_helper { shell incident incidentd }:fifo_file { getattr read write };
# only allow incidentd and shell to call incident_helper
neverallow { domain -incidentd -incident_helper -shell } incident_helper_exec:file { execute execute_no_trans };