From 4bdd13e4c3632587c72b487a16d6c71a7a30714f Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Tue, 13 May 2014 14:45:00 -0700
Subject: [PATCH] untrusted_app: neverallow debugfs

Too many leaky files in that directory. It's a security best practice
to not mount this filesystem, however, we need it mounted for
tracing support. Even though it's mounted, make sure the files aren't
readable.

Bug: 11635985
Change-Id: I6f116c0a03a567a8107a8e07135ce025e51458dd
---
 untrusted_app.te | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/untrusted_app.te b/untrusted_app.te
index 1d94923f9..b7a2cef6c 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -63,3 +63,11 @@ allow untrusted_app media_rw_data_file:file create_file_perms;
 # Write to /cache.
 allow untrusted_app cache_file:dir create_dir_perms;
 allow untrusted_app cache_file:file create_file_perms;
+
+###
+### neverallow rules
+###
+
+# Too much leaky information in debugfs. It's a security
+# best practice to ensure these files aren't readable.
+neverallow untrusted_app debugfs:file read;
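Review bot: The added `neverallow untrusted_app debugfs:file read;` constrains only the `read` permission, on class `file`, for the single type `debugfs`, which is narrower than the comment's "ensure these files aren't readable". A neverallow is checked when the policy is compiled and fails the build if an allow rule contradicts it; it adds no runtime denial of its own. It also does not cover files under the mount that carry a different type, if any exist in this tree, and it does not cover `write` or `append`. I would state that scope in the comment, for example `# Build-time assertion: no allow rule may grant untrusted_app read on files labelled debugfs.` If writes from untrusted_app are equally unwanted, the set could be widened to `neverallow untrusted_app debugfs:file { read write append };`, though the hunk does not show whether an existing allow rule would then break the build.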
-- 
GitLab