don't allow debuggerd to ptrace itself.

It doesn't make any sense for debuggerd to ever attempt to ptrace
itself. A debuggerd crash can't be debugged via debuggerd.

Bug: 28399663
Change-Id: I710d474e89d121385ef423b7bed9673a90e0759b

debuggerd.te

@@ -9,7 +9,16 @@ allow debuggerd self:capability2 { syslog };
 allow debuggerd domain:dir r_dir_perms;
 allow debuggerd domain:file r_file_perms;
 allow debuggerd domain:lnk_file read;
-allow debuggerd { domain -init -ueventd -watchdogd -healthd -adbd -keystore }:process { ptrace getattr };
+allow debuggerd {
+  domain
+  -adbd
+  -debuggerd
+  -healthd
+  -init
+  -keystore
+  -ueventd
+  -watchdogd
+}:process { ptrace getattr };
 security_access_policy(debuggerd)
 allow debuggerd tombstone_data_file:dir rw_dir_perms;
 allow debuggerd tombstone_data_file:file create_file_perms;