init.te: fixup stale comment

init switch from a setcon() based transition to an exec() based transition in bug 19702273. Fixup stale comment. Test: comment only change. Policy compiles. Bug: 19702273 Change-Id: I6e1b4b3680193453adafa8952a7ea343d2977505

init.te: fixup stale comment
92ade748 · Nick Kralevich · 1157e733 · 92ade748
Commit 92ade748 authored 8 years ago by Nick Kralevich
--- a/public/init.te
+++ b/public/init.te
@@ -347,10 +347,10 @@ allow init system_data_file:lnk_file r_file_perms;
 ### neverallow rules
 ###

-# The init domain is only entered via setcon from the kernel domain,
-# never via an exec-based transition.
+# The init domain is only entered via an exec based transition from the
+# kernel domain, never via setcon().
 neverallow domain init:process dyntransition;
-neverallow { domain -kernel} init:process transition;
+neverallow { domain -kernel } init:process transition;
 neverallow init { file_type fs_type -init_exec }:file entrypoint;

 # Never read/follow symlinks created by shell or untrusted apps.