diff --git a/private/screencap.te b/private/screencap.te
index 764880f55273a21dc452d7bca95d22a1e7e56ed1..d6bf489a902e5771a865659a034e644f5565319f 100644
--- a/private/screencap.te
+++ b/private/screencap.te
@@ -1,4 +1,3 @@
-type screencap, domain;
 type screencap_exec, exec_type, file_type;
 
 typeattribute screencap coredomain;
@@ -35,6 +34,8 @@ allow screencap mnt_user_file:dir search;
 allow screencap mnt_user_file:lnk_file read;
 allow screencap sdcardfs:dir { search write };
 allow screencap sdcardfs:file { open write };
+allow screencap shell_data_file:file create_file_perms;
+allow screencap shell_data_file:dir rw_dir_perms;
 allow screencap storage_file:dir search;
 allow screencap storage_file:lnk_file read;
 allow screencap tmpfs:dir search;
diff --git a/public/domain.te b/public/domain.te
index c471a50f1d6918ed63aef32b8343924e2a4cf9be..17051bb1c5d2a23773ae5049b7b1facf3d805d06 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -925,6 +925,7 @@ neverallow {
   -dumpstate
   -installd
   -init
+  -screencap
   -shell
   -vold
 } shell_data_file:dir no_w_dir_perms;
@@ -936,6 +937,7 @@ neverallow {
   -dumpstate
   -init
   -installd
+  -screencap
   -system_server # why?
   userdebug_or_eng(`-uncrypt')
 } shell_data_file:dir { open search };
@@ -948,6 +950,7 @@ neverallow {
   -appdomain
   -dumpstate
   -installd
+  -screencap
   userdebug_or_eng(`-uncrypt')
 } shell_data_file:file open;
 
diff --git a/public/screencap.te b/public/screencap.te
new file mode 100644
index 0000000000000000000000000000000000000000..ad8639f0abd4116bfa400de48f11e1a9943830cd
--- /dev/null
+++ b/public/screencap.te
@@ -0,0 +1 @@
+type screencap, domain;