Commit 1d0bb522 authored by Nick Kralevich

DO NOT MERGE: domain.te: Drop appdomain transition neverallow assertion

Commit c5266df9 (Android 7.1) introduced
a new neverallow rule which required that the only way you could become
an appdomain was to have been spawned from zygote or run-as.

  # Only domains spawned from zygote and runas may have the appdomain attribute.
  neverallow { domain -runas -zygote } {
    appdomain -shell userdebug_or_eng(`-su')
    }:process { transition dyntransition };

This change was backported to Android 7.0 in commit
eedacf83 as part of the relaxation of
another neverallow rule.

As a general rule, the introduction of new neverallow rules in older
Android releases causes pain and unscheduled engineering work for our
partners. As a result, we try to avoid making such changes.

Partially revert eedacf83, specifically
the part that introduced a new neverallow rule. This revert is intended
for Android 7.0 ONLY, and should not be applied to newer Android
releases.

Bug: 37418998
Change-Id: I4c2eb30000b230d22d8dbc3b1309a5b63f9f95c9
parent c5fc28d9
......@@ -483,11 +483,6 @@ neverallow {
-zygote
} shell:process { transition dyntransition };
# Only domains spawned from zygote and runas may have the appdomain attribute.
neverallow { domain -runas -zygote } {
appdomain -shell userdebug_or_eng(`-su') -bluetooth
}:process { transition dyntransition };
# Minimize read access to shell- or app-writable symlinks.
# This is to prevent malicious symlink attacks.
neverallow {
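Review bot: Deleting the block from `# Only domains spawned from zygote and runas may have the appdomain attribute.` through `}:process { transition dyntransition };` removes the only build-time check that a domain outside `zygote` and `runas` cannot transition into `appdomain`; on this branch a vendor policy that adds such a transition will now compile silently instead of failing the neverallow check. Since the commit message says this is 7.0-only and must not be applied to newer releases, consider leaving a comment at this spot stating that the assertion exists from 7.1 onward and was intentionally dropped here, so nobody reads the gap as a permitted pattern when merging policy forward. Also, the rule being removed carries a `-bluetooth` exemption (`appdomain -shell userdebug_or_eng(\`-su') -bluetooth`) that the rule quoted in the commit message does not; the message should say it is reverting the 7.0 backport's version of the rule, not the 7.1 text it quotes.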