Skip to content
Snippets Groups Projects
Commit 89671020 authored by Nick Kralevich's avatar Nick Kralevich Committed by Android (Google) Code Review
Browse files

Merge "Correct documentation in untrusted_app_all" into oc-dev

parents 22ebf24e eda4b88d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
private/untrusted_app_all.te
+ 4
1
View file @ 89671020
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
### Untrusted_app_all. ### Untrusted_app_all.
### ###
### This file defines the rules shared by all untrusted app domains except ### This file defines the rules shared by all untrusted app domains except
### ephemeral apps. ### apps which target the v2 security sandbox (ephemeral_app for instant apps,
### untrusted_v2_app for fully installed v2 apps).
### Apps are labeled based on mac_permissions.xml (maps signer and ### Apps are labeled based on mac_permissions.xml (maps signer and
### optionally package name to seinfo value) and seapp_contexts (maps UID ### optionally package name to seinfo value) and seapp_contexts (maps UID
### and optionally seinfo value to domain for process and type for data ### and optionally seinfo value to domain for process and type for data
...@@ -17,6 +18,8 @@ ...@@ -17,6 +18,8 @@
### or define and use a new seinfo value in both mac_permissions.xml and ### or define and use a new seinfo value in both mac_permissions.xml and
### seapp_contexts. ### seapp_contexts.
### ###
### Note that rules that should apply to all untrusted apps must be in app.te or also
### added to untrusted_v2_app.te and ephemeral_app.te.
# Legacy text relocations # Legacy text relocations
allow untrusted_app_all apk_data_file:file execmod; allow untrusted_app_all apk_data_file:file execmod;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment