Skip to content
Snippets Groups Projects
Commit 2b56e484 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep
Browse files

Allow priv_apps to stat files on the system partition 

Allows safetynet to scan the system partition which is made up of
files labeled system_file (already allowed) and/or files with the
exec_type attribute.

Bug: 25821333
Change-Id: I9c1c9c11bc568138aa115ba83238ce7475fbc5e4
parent 4367cf2d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 0 deletions
priv_app.te
+ 4
0
View file @ 2b56e484
...@@ -60,6 +60,10 @@ userdebug_or_eng(` ...@@ -60,6 +60,10 @@ userdebug_or_eng(`
allow priv_app perfprofd_data_file:dir r_dir_perms; allow priv_app perfprofd_data_file:dir r_dir_perms;
') ')
# Allow GMS core to stat files and executables on
# the system partition
allow priv_app exec_type:file getattr;
### ###
### neverallow rules ### neverallow rules
### ###
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment