Remove property read access for non-core properties

Instead of allowing global read access to all properties, only allow read access to the properties which are part of core SELinux policy. Device-specific policies are no longer readable by default and need to be granted in device-specific policy. Grant read-access to any property where the person has write access. In most cases, anyone who wants to write a property needs read access to that property. Change-Id: I2bd24583067b79f31b3bb0940b4c07fc33d09918

Remove property read access for non-core properties
5a570a4b · Nick Kralevich · 5ca5696e · 5a570a4b · 5a570a4b · 5a570a4b
Commit 5a570a4b authored 9 years ago by Nick Kralevich
--- a/attributes
+++ b/attributes
@@ -55,6 +55,10 @@ attribute port_type;
 # All types used for property service
 attribute property_type;

+# All properties defined in core SELinux policy. Should not be
+# used by device specific properties
+attribute core_property_type;
+
 # All service_manager types created by system_server
 attribute system_server_service;


--- a/domain.te
+++ b/domain.te
@@ -79,8 +79,9 @@ allow domain random_device:chr_file rw_file_perms;
 allow domain properties_device:dir r_dir_perms;
 allow domain properties_serial:file r_file_perms;

-# For now, everyone can access all property files
-get_prop(domain, property_type)
+# For now, everyone can access core property files
+# Device specific properties are not granted by default
+get_prop(domain, core_property_type)
 dontaudit domain property_type:file audit_access;
 allow domain property_contexts:file r_file_perms;


--- a/property.te
+++ b/property.te
-type default_prop, property_type;
-type shell_prop, property_type;
-type debug_prop, property_type;
-type dumpstate_prop, property_type;
-type persist_debug_prop, property_type;
-type debuggerd_prop, property_type;
-type dhcp_prop, property_type;
-type fingerprint_prop, property_type;
-type ffs_prop, property_type;
-type radio_prop, property_type;
-type net_radio_prop, property_type;
-type system_radio_prop, property_type;
-type system_prop, property_type;
-type vold_prop, property_type;
-type ctl_bootanim_prop, property_type;
-type ctl_default_prop, property_type;
-type ctl_dhcp_pan_prop, property_type;
-type ctl_dumpstate_prop, property_type;
-type ctl_fuse_prop, property_type;
-type ctl_mdnsd_prop, property_type;
-type ctl_rildaemon_prop, property_type;
-type ctl_bugreport_prop, property_type;
-type ctl_console_prop, property_type;
-type audio_prop, property_type;
-type logd_prop, property_type;
-type restorecon_prop, property_type;
-type security_prop, property_type;
-type bluetooth_prop, property_type;
-type pan_result_prop, property_type;
-type powerctl_prop, property_type;
-type nfc_prop, property_type;
-type dalvik_prop, property_type;
-type config_prop, property_type;
+type default_prop, property_type, core_property_type;
+type shell_prop, property_type, core_property_type;
+type debug_prop, property_type, core_property_type;
+type dumpstate_prop, property_type, core_property_type;
+type persist_debug_prop, property_type, core_property_type;
+type debuggerd_prop, property_type, core_property_type;
+type dhcp_prop, property_type, core_property_type;
+type fingerprint_prop, property_type, core_property_type;
+type ffs_prop, property_type, core_property_type;
+type radio_prop, property_type, core_property_type;
+type net_radio_prop, property_type, core_property_type;
+type system_radio_prop, property_type, core_property_type;
+type system_prop, property_type, core_property_type;
+type vold_prop, property_type, core_property_type;
+type ctl_bootanim_prop, property_type, core_property_type;
+type ctl_default_prop, property_type, core_property_type;
+type ctl_dhcp_pan_prop, property_type, core_property_type;
+type ctl_dumpstate_prop, property_type, core_property_type;
+type ctl_fuse_prop, property_type, core_property_type;
+type ctl_mdnsd_prop, property_type, core_property_type;
+type ctl_rildaemon_prop, property_type, core_property_type;
+type ctl_bugreport_prop, property_type, core_property_type;
+type ctl_console_prop, property_type, core_property_type;
+type audio_prop, property_type, core_property_type;
+type logd_prop, property_type, core_property_type;
+type restorecon_prop, property_type, core_property_type;
+type security_prop, property_type, core_property_type;
+type bluetooth_prop, property_type, core_property_type;
+type pan_result_prop, property_type, core_property_type;
+type powerctl_prop, property_type, core_property_type;
+type nfc_prop, property_type, core_property_type;
+type dalvik_prop, property_type, core_property_type;
+type config_prop, property_type, core_property_type;

 allow property_type tmpfs:filesystem associate;
--- a/te_macros
+++ b/te_macros
@@ -150,6 +150,7 @@ allow $1 $3:unix_stream_socket connectto;
 define(`set_prop', `
 __unix_socket_connect__($1, property, init)
 allow $1 $2:property_service set;
+get_prop($1, $2)
 ')

 #####################################