From 278147eb8a20d2df6fafba817a4b9fd45c0607ba Mon Sep 17 00:00:00 2001
From: Max Bires <jbires@google.com>
Date: Tue, 23 Jan 2018 12:32:55 -0800
Subject: [PATCH] Adding permission for traceur to use content provider

This change will allow traceur to pass a file descriptor to another app
in order to allow that app to process trace data files. E.g. in the use
case that someone would like to email the traces they collected and pass
the trace data files to gmail, this will now be permitted.

Bug:68126425
Test: Traceur can pass fd's to untrusted apps for processing
Change-Id: If0507b5d1f06fd8400e04bd60e06a44153dc59b7
---
 private/untrusted_app_all.te | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index a43f04c35..5918f632c 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te
@@ -41,6 +41,15 @@ allow untrusted_app_all asec_public_file:file { execute execmod };
 allow untrusted_app_all shell_data_file:file r_file_perms;
 allow untrusted_app_all shell_data_file:dir r_dir_perms;
 
+# Allow traceur to pass file descriptors through a content provider to untrusted apps
+# for the purpose of sharing files through e.g. gmail
+allow untrusted_app_all trace_data_file:file { getattr read };
+
+# untrusted apps should not be able to open trace data files, they should depend
+# upon traceur to pass a file descriptor
+neverallow untrusted_app_all trace_data_file:dir *;
+neverallow untrusted_app_all trace_data_file:file { no_w_file_perms open };
+
 # Allow to read staged apks.
 allow untrusted_app_all { apk_tmp_file apk_private_tmp_file }:file {read getattr};
 
-- 
GitLab