Skip to content
Snippets Groups Projects
Commit 93727ae6 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep
Browse files

tombstoned: clean up TODO on anr writes 

audit logs indicate that "append" is still used, but not write.

From ToT master:
avc: granted { append } for comm="tombstoned" scontext=u:r:tombstoned:s0
tcontext=u:object_r:anr_data_file:s0 tclass=file

Bug: 32064548
Test: build
Change-Id: Id05853a8ae38b84deed4d8bcca5a72c64ce7fd7e
parent ac4b6478
No related branches found
No related tags found
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 1 addition and 6 deletions
public/tombstoned.te
+ 1
6
View file @ 93727ae6
...@@ -11,12 +11,7 @@ allow tombstoned domain:file r_file_perms; ...@@ -11,12 +11,7 @@ allow tombstoned domain:file r_file_perms;
allow tombstoned tombstone_data_file:dir rw_dir_perms; allow tombstoned tombstone_data_file:dir rw_dir_perms;
allow tombstoned tombstone_data_file:file { create_file_perms link }; allow tombstoned tombstone_data_file:file { create_file_perms link };
# TODO: Remove append / write permissions. They were temporarily
# granted due to a bug which appears to have been fixed.
allow tombstoned anr_data_file:file { append write };
auditallow tombstoned anr_data_file:file { append write };
# Changes for the new stack dumping mechanism. Each trace goes into a # Changes for the new stack dumping mechanism. Each trace goes into a
# separate file, and these files are managed by tombstoned. # separate file, and these files are managed by tombstoned.
allow tombstoned anr_data_file:dir rw_dir_perms; allow tombstoned anr_data_file:dir rw_dir_perms;
allow tombstoned anr_data_file:file { create getattr open link unlink }; allow tombstoned anr_data_file:file { append create getattr open link unlink };
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment