Skip to content
Snippets Groups Projects
Commit bbf21a4f authored by Nick Kralevich's avatar Nick Kralevich Committed by android-build-merger
Browse files

Merge "exclude su from app auditallow" 

am: 747c69f4

Change-Id: I780f075beb031516bd4c2ce292c1fd1a2beaa5ac
parents 506cae47 747c69f4
Branches
Tags
No related merge requests found
Show whitespace changes
Inline Side-by-side
Showing
with 2 additions and 2 deletions
public/app.te
+ 2
2
View file @ bbf21a4f
...@@ -239,9 +239,9 @@ allowxperm { appdomain -bluetooth } self:{ rawip_socket tcp_socket udp_socket } ...@@ -239,9 +239,9 @@ allowxperm { appdomain -bluetooth } self:{ rawip_socket tcp_socket udp_socket }
allow { appdomain -isolated_app } ion_device:chr_file rw_file_perms; allow { appdomain -isolated_app } ion_device:chr_file rw_file_perms;
# TODO is write really necessary ? # TODO is write really necessary ?
auditallow appdomain ion_device:chr_file { write append }; auditallow { appdomain userdebug_or_eng(`-su') } ion_device:chr_file { write append };
# TODO audit ion ioctl usage by apps # TODO audit ion ioctl usage by apps
auditallow appdomain ion_device:chr_file ioctl; auditallow { appdomain userdebug_or_eng(`-su') } ion_device:chr_file ioctl;
allow { appdomain -isolated_app } hal_graphics_allocator:fd use; allow { appdomain -isolated_app } hal_graphics_allocator:fd use;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment