Skip to content
Snippets Groups Projects
Commit 99aa03dc authored by Nick Kralevich's avatar Nick Kralevich
Browse files

assert that no domain can set default properties 

Add a neverallow rule (compile time assertion) that no SELinux domain
other than init can set default_prop. default_prop is assigned to a
property when no more specific label exists for that property.

This ensures that all properties are labeled properly, and that
no-one (other than init) gets access to unknown properties.

Change-Id: If279960f23737e263d4d1b5face7b5c49cda7ae7
parent 65feafce
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 0 deletions
domain.te
+ 4
0
View file @ 99aa03dc
...@@ -309,3 +309,7 @@ neverallow { domain -recovery } contextmount_type:dir_file_class_set ...@@ -309,3 +309,7 @@ neverallow { domain -recovery } contextmount_type:dir_file_class_set
# New service_types are defined in service.te and new mappings # New service_types are defined in service.te and new mappings
# from service name to service_type are defined in service_contexts. # from service name to service_type are defined in service_contexts.
neverallow domain default_android_service:service_manager add; neverallow domain default_android_service:service_manager add;
# Require that domains explicitly label unknown properties, and do not allow
# anyone but init to modify unknown properties.
neverallow { domain -init } default_prop:property_service set;
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment