diff --git a/bluetooth.te b/bluetooth.te
index a79023dc27c251138abe46fcf8d75da84f4ba9ea..6f6aea792b040f50d6bd8972663d87cae72dd6e9 100644
--- a/bluetooth.te
+++ b/bluetooth.te
@@ -14,8 +14,12 @@ allow bluetooth bluetooth_socket:sock_file create_file_perms;
 # bluetooth factory file accesses.
 r_dir_file(bluetooth, bluetooth_efs_file)
 
-# Device accesses.
+# TODO why does bluetooth require access to tun_device? If not,
+# remove access and tighten down neverallow rule so that appdomain is
+# not allowed to open (as opposed to just untrusted_app)
+# Device accesses. b/24744295
 allow bluetooth { tun_device uhid_device hci_attach_dev }:chr_file rw_file_perms;
+auditallow bluetooth tun_device:chr_file rw_file_perms;
 
 # Other domains that can create and use bluetooth sockets.
 # SELinux does not presently define a specific socket class for
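Review bot: The `auditallow bluetooth tun_device:chr_file rw_file_perms;` added on line 15 will emit an audit record for every read, write and ioctl bluetooth performs on a tun fd, not only for opening the node, so if bluetooth does use the device the logs will be flooded and the answer to the TODO's question (does it open tun_device itself?) is buried in noise. Since the tightening described on lines 10-12 only concerns `open`, auditing that single permission answers the question with one record per open: `auditallow bluetooth tun_device:chr_file open;`. That `rw_file_perms` includes `open` is presumably the case given that the untrusted_app hunk spells out the same macro minus `open`, but confirm against global_macros. It would also help to note in the comment that the auditallow is temporary and is to be removed when b/24744295 is resolved, because auditallow rules left behind are easy to forget.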
diff --git a/untrusted_app.te b/untrusted_app.te
index eb518e32c45ee670948f9cfea6530eb1c48e0ed7..eb3005a99c743ce5c3b819300d4e70e434718b20 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -29,7 +29,9 @@ bluetooth_domain(untrusted_app)
 # to their sandbox directory and then execute.
 allow untrusted_app app_data_file:file { rx_file_perms execmod };
 
-allow untrusted_app tun_device:chr_file rw_file_perms;
+# Third party vpn apps receive an open tun fd from the framework for
+# device traffic. Do not allow untrusted app to directly open tun_device
+allow untrusted_app tun_device:chr_file { read write getattr ioctl append };
 
 # ASEC
 allow untrusted_app asec_apk_file:file r_file_perms;
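Review bot: The narrowed rule on line 30 still grants `ioctl` without restriction, so an untrusted app holding the framework-provided tun fd may issue any tun ioctl the kernel permits from an unprivileged context; the dangerous ones (TUNSETIFF and friends) are gated by CAP_NET_ADMIN in the kernel, so this is likely acceptable, but if this policy base supports ioctl extended permissions (`allowxperm`) a whitelist of the ioctls a VpnService client actually needs would be the tighter option. Separately, the comment on lines 28-29 says the fd comes from the framework but does not say which permissions were dropped from `rw_file_perms`; spelling that out avoids someone re-adding the macro later, e.g. `# Deliberately omits 'open': only the permissions needed on an fd received from the framework are kept.`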
@@ -157,3 +159,6 @@ neverallow untrusted_app file_type:file link;
 
 # Do not allow untrusted_app to access network MAC address file
 neverallow untrusted_app sysfs_mac_address:file no_rw_file_perms;
+
+# Do not allow untrusted app to directly open tun_device
+neverallow untrusted_app tun_device:chr_file open;
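Review bot: The neverallow on line 40 is scoped to untrusted_app only, while the TODO this same change adds to bluetooth.te says the intended end state is a neverallow over appdomain once it is known whether bluetooth needs to open tun_device; nothing in this file records that, so the two files will drift. Suggest carrying the bug reference and the intent here too: `# Do not allow untrusted app to directly open tun_device. TODO(b/24744295): widen to appdomain once bluetooth's tun_device use is understood.` The restriction also presumes every tun fd reaches apps via the framework, which matches the comment in the earlier hunk but is not something this rule can enforce on its own.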