From 0d3f7ddc70572382edec58841b3d6262abf49f49 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Mon, 25 Aug 2014 12:55:19 -0700
Subject: [PATCH] remove appdomain's ability to examine all of /proc

Remove the CTS specific rule which allows appdomain processes
to view /proc entries for the rest of the system. With this change,
an SELinux domain will only be able to view its own /proc
entries, e.g. untrusted_app can only view /proc entries for other
untrusted_app, system_app can only view /proc entries for other
system_apps, etc.

/proc contains sensitive information, and we want to avoid
leaking this information between app security domains.

Bug: 17254920
Change-Id: I59da37dde00107a5ab123df3b79a84afa855339f
---
 app.te | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/app.te b/app.te
index 06f41e963..a2cd0164f 100644
--- a/app.te
+++ b/app.te
@@ -152,14 +152,6 @@ allow appdomain resourcecache_data_file:dir r_dir_perms;
 ### CTS-specific rules
 ###
 
-# For cts/tools/device-setup/TestDeviceSetup/src/android/tests/getinfo/RootProcessScanner.java.
-# Reads /proc/pid/status and statm entries to check that
-# no unexpected root processes are running.
-# Also for cts/tests/tests/security/src/android/security/cts/VoldExploitTest.java
-# Reads /proc/pid/cmdline of vold.
-allow appdomain domain:dir { open read search getattr };
-allow appdomain domain:{ file lnk_file } { open read getattr };
-
 # For cts/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java.
 # testRunAsHasCorrectCapabilities
 allow appdomain runas_exec:file getattr;
-- 
GitLab