Skip to content
Snippets Groups Projects
Commit 58c75f3f authored by Jeff Vander Stoep's avatar Jeff Vander Stoep Committed by android-build-merger
Browse files

domain_deprecated: Remove access to /data/app 

am: 21b4a925

Change-Id: I396961c1821fd5503a400779ec325041e96d8035
parents 8388a9d2 21b4a925
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
private/domain_deprecated.te
+ 0
28
View file @ 58c75f3f
# rules removed from the domain attribute # rules removed from the domain attribute
# Read apk files under /data/app.
allow domain_deprecated apk_data_file:dir { getattr search };
allow domain_deprecated apk_data_file:file r_file_perms;
allow domain_deprecated apk_data_file:lnk_file r_file_perms;
userdebug_or_eng(`
auditallow {
domain_deprecated
-appdomain
-dex2oat
-installd
-system_server
} apk_data_file:dir { getattr search };
auditallow {
domain_deprecated
-appdomain
-dex2oat
-installd
-system_server
} apk_data_file:file r_file_perms;
auditallow {
domain_deprecated
-appdomain
-dex2oat
-installd
-system_server
} apk_data_file:lnk_file r_file_perms;
')
# Read access to pseudo filesystems. # Read access to pseudo filesystems.
r_dir_file(domain_deprecated, proc) r_dir_file(domain_deprecated, proc)
r_dir_file(domain_deprecated, sysfs) r_dir_file(domain_deprecated, sysfs)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment