Skip to content
Snippets Groups Projects
Commit 99c78bf2 authored by Nick Kralevich's avatar Nick Kralevich
Browse files

shell.te: Restore /proc/net access 

The removal of domain_deprecated from the shell user in
https://android-review.googlesource.com/184260 removed /proc/net access.
Restore it.

Bug: 26075092
Change-Id: Iac21a1ec4b9e769c068bfdcdeeef8a7dbc93c593
parent 44826cb5
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 1 deletion
shell.te
+ 2
1
View file @ 99c78bf2
......@@ -93,8 +93,9 @@ allow shell servicemanager:service_manager list;
# don't allow shell to access GateKeeper service
allow shell { service_manager_type -gatekeeper_service }:service_manager find;
# allow shell to look through /proc/ for ps, top
# allow shell to look through /proc/ for ps, top, netstat
r_dir_file(shell, proc)
r_dir_file(shell, proc_net)
r_dir_file(shell, cgroup)
allow shell domain:dir { search open read getattr };
allow shell domain:{ file lnk_file } { open read getattr };
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment