From 956ca4c504889bcb06e8c07ce7580449dc014ef3 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 6 Jan 2016 09:02:12 -0800
Subject: [PATCH] untrusted_app: remove mtp_device perms

No longer necessary after android.process.media moved to the
priv_app domain. Verified no new denials via audit2allow rule.

Bug: 25085347
Change-Id: I2d9498d5d92e79ddabd002b4a5c6f918e1eb9bcc
---
 untrusted_app.te | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/untrusted_app.te b/untrusted_app.te
index 204335aae..5d48970aa 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -59,13 +59,6 @@ allow untrusted_app system_app_data_file:file { read write getattr };
 # This includes what used to be media_app, shared_app, and release_app.
 #
 
-# Access /dev/mtp_usb.
-# TODO android.process.media moved to priv_app domain. Does
-# untrusted_app still require these permissions? Can "open"
-# be removed?
-allow untrusted_app mtp_device:chr_file rw_file_perms;
-auditallow untrusted_app mtp_device:chr_file rw_file_perms;
-
 # Access to /data/media.
 allow untrusted_app media_rw_data_file:dir create_dir_perms;
 allow untrusted_app media_rw_data_file:file create_file_perms;
-- 
GitLab