-
- Downloads
Restrict access to Bluetooth system properties
This removes access to Bluetooth system properties from arbitrary SELinux domains. Access remains granted to init, bluetooth, and system_app domains. neverallow rules / CTS enforce that access is not granted to Zygote and processes spawned from Zygote expcept for system_app and bluetooth. The reason is that some of these properties may leak persistent identifiers not resettable by the user. Test: Bluetooth pairing and data transfer works Bug: 33700679 Change-Id: Icdcb3927a423c4011a62942340a498cc1b302472
Showing
- private/property_contexts 2 additions, 0 deletionsprivate/property_contexts
- public/app.te 8 additions, 0 deletionspublic/app.te
- public/property.te 1 addition, 2 deletionspublic/property.te
- public/webview_zygote.te 4 additions, 0 deletionspublic/webview_zygote.te
- public/zygote.te 3 additions, 0 deletionspublic/zygote.te
Loading
Please register or sign in to comment