diff --git a/untrusted_app.te b/untrusted_app.te
index 989409449839124435ce15fbbd86ddaa06937d00..c91543ed86932065570537c8f41e74f13722cafb 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -32,6 +32,9 @@ allow untrusted_app asec_apk_file:file r_file_perms;
 # Create tcp/udp sockets
 allow untrusted_app node_type:{ tcp_socket udp_socket } node_bind;
 allow untrusted_app self:{ tcp_socket udp_socket } { create_socket_perms accept listen };
+# Bind to a particular hostname/address/interface (e.g., localhost) instead of
+# ANY. Normally, apps should not be listening on all interfaces.
+allow untrusted_app port:{ tcp_socket udp_socket } name_bind;
 
 # Allow the allocation and use of ptys
 # Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm