Skip to content
Snippets Groups Projects
Commit a2477056 authored by Alex Klyubin's avatar Alex Klyubin
Browse files

Permit writing to /dev/random and /dev/urandom. 

Apps attempting to write to /dev/random or /dev/urandom currently
succeed, but a policy violation is logged. These two Linux RNG
devices are meant to be written to by arbitrary apps. Thus, there's
no reason to deny this capability.

Bug: 10679705

Change-Id: Ife401f1dd2182889471eef7e90fcc92e96f9c4d6
parent 34a8e121
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 2 additions and 2 deletions
domain.te
+ 2
2
View file @ a2477056
...@@ -61,8 +61,8 @@ allow domain log_device:dir search; ...@@ -61,8 +61,8 @@ allow domain log_device:dir search;
allow domain log_device:chr_file rw_file_perms; allow domain log_device:chr_file rw_file_perms;
allow domain nv_device:chr_file rw_file_perms; allow domain nv_device:chr_file rw_file_perms;
allow domain alarm_device:chr_file r_file_perms; allow domain alarm_device:chr_file r_file_perms;
allow domain urandom_device:chr_file r_file_perms; allow domain urandom_device:chr_file rw_file_perms;
allow domain random_device:chr_file r_file_perms; allow domain random_device:chr_file rw_file_perms;
allow domain properties_device:file r_file_perms; allow domain properties_device:file r_file_perms;
# Filesystem accesses. # Filesystem accesses.
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment