From 4d5721a5a3da49dc22289ad44a3ade7aeda35ad7 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 30 Jun 2017 22:51:16 -0700
Subject: [PATCH] Remove adbd tcontexts from domain_deprecated

Logs indicate apps, system_server, and runas are the only
domains that require this permission.

Bug: 28760354
Test: check logs.
Change-Id: I93dc53ec2d892bb91c0cd6f5d7e9cbf76b9bcd9f
---
 public/domain_deprecated.te | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/public/domain_deprecated.te b/public/domain_deprecated.te
index aaf516c5d..829ee3a0a 100644
--- a/public/domain_deprecated.te
+++ b/public/domain_deprecated.te
@@ -20,13 +20,6 @@ userdebug_or_eng(`
 auditallow { domain_deprecated -appdomain -netd -surfaceflinger } system_server:fd use;
 ')
 
-# Connect to adbd and use a socket transferred from it.
-# This is used for e.g. adb backup/restore.
-allow domain_deprecated adbd:fd use;
-userdebug_or_eng(`
-auditallow { domain_deprecated -appdomain -system_server -runas } adbd:fd use;
-')
-
 # Root fs.
 allow domain_deprecated rootfs:dir r_dir_perms;
 allow domain_deprecated rootfs:file r_file_perms;
-- 
GitLab