Skip to content
Snippets Groups Projects
Commit a3aa1db3 authored by Jeff Vander Stoep's avatar Jeff Vander Stoep Committed by Android Git Automerger
Browse files

am 0243e5cf: system_server.te: remove policy load permissions

* commit '0243e5cf':
  system_server.te: remove policy load permissions
parents 60442d18 0243e5cf
No related branches found
No related tags found
No related merge requests found
...@@ -360,9 +360,6 @@ r_dir_file(system_server, fscklogs) ...@@ -360,9 +360,6 @@ r_dir_file(system_server, fscklogs)
allow system_server fscklogs:dir { write remove_name }; allow system_server fscklogs:dir { write remove_name };
allow system_server fscklogs:file unlink; allow system_server fscklogs:file unlink;
# For SELinuxPolicyInstallReceiver
selinux_manage_policy(system_server)
# logd access, system_server inherit logd write socket # logd access, system_server inherit logd write socket
# (urge is to deprecate this long term) # (urge is to deprecate this long term)
allow system_server zygote:unix_dgram_socket write; allow system_server zygote:unix_dgram_socket write;
......
...@@ -247,18 +247,6 @@ allow $1 security_file:dir r_dir_perms; ...@@ -247,18 +247,6 @@ allow $1 security_file:dir r_dir_perms;
allow $1 security_file:file r_file_perms; allow $1 security_file:file r_file_perms;
') ')
#####################################
# selinux_manage_policy(domain)
# Ability to manage policy files and
# trigger runtime reload.
define(`selinux_manage_policy', `
security_access_policy($1)
allow $1 security_file:dir create_dir_perms;
allow $1 security_file:file create_file_perms;
allow $1 security_file:lnk_file { create rename unlink };
set_prop($1, security_prop)
')
##################################### #####################################
# mmac_manage_policy(domain) # mmac_manage_policy(domain)
# Ability to manage mmac policy files, # Ability to manage mmac policy files,
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment