From 39fe4c715c061e84715fffd570c326f5bcf89c73 Mon Sep 17 00:00:00 2001
From: Ranjith Kagathi Ananda <ranjithkagathi@google.com>
Date: Mon, 10 Jul 2017 14:20:04 -0700
Subject: [PATCH] Allow vendor domains to use the untrusted_app_all attribute

Remove restriction to restrict only domains in AOSP to use the
untrusted_app_all attribute

BUG=63167163
Test: Sanity check

Change-Id: I9e1b8605fad108f45f988d8198a9a1cadb8dfa5e
---
 private/app_neverallows.te | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index ec20650fa..46c7e2225 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -2,9 +2,6 @@
 ### neverallow rules for untrusted app domains
 ###
 
-# Only allow domains in AOSP to use the untrusted_app_all attribute.
-neverallow { untrusted_app_all -untrusted_app -untrusted_app_25 } domain:process fork;
-
 define(`all_untrusted_apps',`{
   ephemeral_app
   isolated_app
-- 
GitLab