Skip to content
Snippets Groups Projects
Commit af8d5332 authored by TreeHugger Robot's avatar TreeHugger Robot Committed by Android (Google) Code Review
Browse files

Merge "Add neverallow rule for uid_time_in_state"

parents 2490f1ad 40163301
No related branches found
No related tags found
No related merge requests found
......@@ -113,6 +113,9 @@ neverallow all_untrusted_apps proc:file { no_rw_file_perms no_x_file_perms };
# Avoid all access to kernel configuration
neverallow all_untrusted_apps config_gz:file { no_rw_file_perms no_x_file_perms };
# Only system_server can access proc_uid_time_in_state
neverallow { domain -init -system_server } proc_uid_time_in_state:file *;
# Do not allow untrusted apps access to preloads data files
neverallow all_untrusted_apps preloads_data_file:file no_rw_file_perms;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment