From 7105d048d5de102b57ae09ea627c0007b2736780 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 6 Jan 2016 11:20:34 -0800
Subject: [PATCH] shell: remove redundant ioctl perms

These permissions are already inherited from appdomain.

Change-Id: I1de57f656bea26da3d8105045c3d109094f6f917
---
 shell.te | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/shell.te b/shell.te
index 487f14c9b..266336587 100644
--- a/shell.te
+++ b/shell.te
@@ -125,9 +125,6 @@ allow shell sysfs_batteryinfo:file r_file_perms;
 # Allow access to ion memory allocation device.
 allow shell ion_device:chr_file rw_file_perms;
 
-# Whitelist access to socket ioctls
-allowxperm shell self:{ rawip_socket tcp_socket udp_socket } ioctl unpriv_sock_ioctls;
-
 ###
 ### Neverallow rules
 ###
-- 
GitLab