diff --git a/domain.te b/domain.te
index 9e26348483a67f500ab187861acf275f0c540754..936bca5faefdd2c5f1959f2fe8e59e29a393f8a6 100644
--- a/domain.te
+++ b/domain.te
@@ -309,3 +309,7 @@ neverallow { domain -recovery } contextmount_type:dir_file_class_set
 # New service_types are defined in service.te and new mappings
 # from service name to service_type are defined in service_contexts.
 neverallow domain default_android_service:service_manager add;
+
+# Require that domains explicitly label unknown properties, and do not allow
+# anyone but init to modify unknown properties.
+neverallow { domain -init } default_prop:property_service set;
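Review bot: The comment added above the `default_prop` neverallow does not tell a policy author where to label a property, unlike the service_manager comment just before it, which names service.te and service_contexts. I would add a matching pointer, for example `# New property types are defined in property.te and mappings from property name to type are defined in property_contexts.` It would also help to state that the assertion covers only `set` on `property_service`, so the comment describes writes and not any other access to `default_prop`. Because a neverallow is checked when the policy is compiled and grants or removes nothing itself, any existing allow rule or macro use that lets a non-init domain set `default_prop` has to be removed or relabelled in the same change; this hunk does not show whether such rules exist.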