Skip to content
Snippets Groups Projects
Commit 1f21ff58 authored by Nick Kralevich's avatar Nick Kralevich Committed by Android Git Automerger
Browse files

am fd783d1b: Merge "Audit accesses on unlabeled files." 

* commit 'fd783d1b':
  Audit accesses on unlabeled files.
parents 23e2f7b7 fd783d1b
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
app.te
+ 1
0
View file @ 1f21ff58
......@@ -126,6 +126,7 @@ allow appdomain dalvikcache_profiles_data_file:file write;
# For legacy unlabeled userdata on existing devices.
# See discussion of Unlabeled files in domain.te for more information.
allow appdomain unlabeled:file x_file_perms;
auditallow appdomain unlabeled:file x_file_perms;
###
### CTS-specific rules
......
domain.te
+ 3
0
View file @ 1f21ff58
......@@ -158,6 +158,9 @@ allow domain { asec_public_file asec_apk_file }:dir r_dir_perms;
#
allow domain unlabeled:notdevfile_class_set { create_file_perms relabelfrom };
allow domain unlabeled:dir { create_dir_perms relabelfrom };
auditallow { domain -init } unlabeled:notdevfile_class_set { create_file_perms relabelfrom };
auditallow { domain -init -kernel } unlabeled:dir { create_dir_perms relabelfrom };
auditallow kernel unlabeled:dir ~search;
neverallow { domain -relabeltodomain } *:dir_file_class_set relabelto;
###
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment