diff --git a/vendor/hal_wifi_hostapd_default.te b/vendor/hal_wifi_hostapd_default.te
index 5a3bbb6eed013b4f8fb5c5b2e897bac055eaa294..1e0dcb83aa3dc03b4fcd1ec24b10b81083afc126 100644
--- a/vendor/hal_wifi_hostapd_default.te
+++ b/vendor/hal_wifi_hostapd_default.te
@@ -7,5 +7,6 @@ init_daemon_domain(hal_wifi_hostapd_default)
 net_domain(hal_wifi_hostapd_default)
 
 # Allow hostapd to access it's data folder
-allow hal_wifi_hostapd_default hostapd_data_file:dir rw_dir_perms;
+allow hal_wifi_hostapd_default hostapd_data_file:dir create_dir_perms;
 allow hal_wifi_hostapd_default hostapd_data_file:file create_file_perms;
+allow hal_wifi_hostapd_default hostapd_data_file:sock_file create_file_perms;