am 0d3f7ddc: remove appdomain\'s ability to examine all of /proc

* commit '0d3f7ddc': remove appdomain's ability to examine all of /proc

am 0d3f7ddc: remove appdomain\'s ability to examine all of /proc
106050f8 · Nick Kralevich · Android Git Automerger · eb8e3d60 · 0d3f7ddc · 106050f8
Commit 106050f8 authored Aug 25, 2014 by Nick Kralevich Committed by Android Git Automerger Aug 25, 2014
--- a/app.te
+++ b/app.te
@@ -152,14 +152,6 @@ allow appdomain resourcecache_data_file:dir r_dir_perms;
 ### CTS-specific rules
 ###

-# For cts/tools/device-setup/TestDeviceSetup/src/android/tests/getinfo/RootProcessScanner.java.
-# Reads /proc/pid/status and statm entries to check that
-# no unexpected root processes are running.
-# Also for cts/tests/tests/security/src/android/security/cts/VoldExploitTest.java
-# Reads /proc/pid/cmdline of vold.
-allow appdomain domain:dir { open read search getattr };
-allow appdomain domain:{ file lnk_file } { open read getattr };
-
 # For cts/tests/tests/permission/src/android/permission/cts/FileSystemPermissionTest.java.
 # testRunAsHasCorrectCapabilities
 allow appdomain runas_exec:file getattr;