Skip to content
Snippets Groups Projects
Commit b2af6f26 authored by Nick Kralevich's avatar Nick Kralevich Committed by android-build-merger
Browse files

Add no_x_file_perm to property related files. 

am: 50ba6318

* commit '50ba6318':
  Add no_x_file_perm to property related files.

Change-Id: I2489ffbbd3f2c24c3aedfaae3da9430131a4de0d
parents 7c7cd736 50ba6318
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 4 deletions
domain.te
+ 4
4
View file @ b2af6f26
...@@ -273,10 +273,10 @@ neverallow { domain userdebug_or_eng(`-shell') } nativetest_data_file:file no_x_ ...@@ -273,10 +273,10 @@ neverallow { domain userdebug_or_eng(`-shell') } nativetest_data_file:file no_x_
# Only the init property service should write to /data/property and /dev/__properties__ # Only the init property service should write to /data/property and /dev/__properties__
neverallow { domain -init } property_data_file:dir no_w_dir_perms; neverallow { domain -init } property_data_file:dir no_w_dir_perms;
neverallow { domain -init } property_data_file:file no_w_file_perms; neverallow { domain -init } property_data_file:file { no_w_file_perms no_x_file_perms };
neverallow { domain -init } property_type:file no_w_file_perms; neverallow { domain -init } property_type:file { no_w_file_perms no_x_file_perms };
neverallow { domain -init } properties_device:file no_w_file_perms; neverallow { domain -init } properties_device:file { no_w_file_perms no_x_file_perms };
neverallow { domain -init } properties_serial:file no_w_file_perms; neverallow { domain -init } properties_serial:file { no_w_file_perms no_x_file_perms };
# Only recovery should be doing writes to /system # Only recovery should be doing writes to /system
neverallow { domain -recovery } { system_file exec_type }:dir_file_class_set neverallow { domain -recovery } { system_file exec_type }:dir_file_class_set
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment