diff --git a/untrusted_app.te b/untrusted_app.te
index 92d2cf40bbc113913453137a5e6c35312dd6994b..abcba7884a1c2604cb73cbe4714e8f52a40faa88 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -47,6 +47,14 @@ create_pty(untrusted_app)
 allow untrusted_app shell_data_file:file r_file_perms;
 allow untrusted_app shell_data_file:dir r_dir_perms;
 
+# b/18504118: Allow reads from /data/anr/traces.txt
+# TODO: We shouldn't be allowing all untrusted_apps to read
+# this file. This is only needed for the GMS feedback agent.
+# See also b/18340553. GMS runs as untrusted_app, and
+# it's too late to change the domain it runs in.
+# This line needs to be deleted.
+allow untrusted_app anr_data_file:file r_file_perms;
+
 # Read and write system app data files passed over Binder.
 # Motivating case was /data/data/com.android.settings/cache/*.jpg for
 # cropping or taking user photos.