diff --git a/public/vold.te b/public/vold.te
index ce68dbdd60cc1672167c8314bec581b5fee991ba..0657023ac964be81d5ee8cc099be05b72b50dd10 100644
--- a/public/vold.te
+++ b/public/vold.te
@@ -193,3 +193,5 @@ neverallow { domain -vold -init } restorecon_prop:property_service set;
 
 neverallow vold fsck_exec:file execute_no_trans;
 neverallow { domain -init } vold:process { transition dyntransition };
+neverallow vold *:process ptrace;
+neverallow vold *:rawip_socket *;