Remove world writable sysfs files
Test: build Change-Id: I9d18d31a9a65f785cf4bc69f011990e9f8182228
This commit is contained in:
parent
34eba95e8a
commit
bb7ece439b
3 changed files with 0 additions and 5 deletions
|
@ -1,6 +1,3 @@
|
||||||
# For /sys/qemu_trace files in the emulator.
|
|
||||||
allow domain sysfs_writable:dir search;
|
|
||||||
allow domain sysfs_writable:file rw_file_perms;
|
|
||||||
allow domain qemu_device:chr_file rw_file_perms;
|
allow domain qemu_device:chr_file rw_file_perms;
|
||||||
|
|
||||||
get_prop(domain, qemu_prop)
|
get_prop(domain, qemu_prop)
|
||||||
|
|
|
@ -1 +0,0 @@
|
||||||
type sysfs_writable, fs_type, sysfs_type, mlstrustedobject;
|
|
|
@ -15,7 +15,6 @@
|
||||||
/dev/qemu_.* u:object_r:qemu_device:s0
|
/dev/qemu_.* u:object_r:qemu_device:s0
|
||||||
/dev/ttyGF[0-9]* u:object_r:serial_device:s0
|
/dev/ttyGF[0-9]* u:object_r:serial_device:s0
|
||||||
/dev/ttyS2 u:object_r:console_device:s0
|
/dev/ttyS2 u:object_r:console_device:s0
|
||||||
/sys/qemu_trace(/.*)? u:object_r:sysfs_writable:s0
|
|
||||||
/vendor/bin/init\.ranchu-core\.sh u:object_r:goldfish_setup_exec:s0
|
/vendor/bin/init\.ranchu-core\.sh u:object_r:goldfish_setup_exec:s0
|
||||||
/vendor/bin/init\.ranchu-net\.sh u:object_r:goldfish_setup_exec:s0
|
/vendor/bin/init\.ranchu-net\.sh u:object_r:goldfish_setup_exec:s0
|
||||||
/vendor/bin/qemu-props u:object_r:qemu_props_exec:s0
|
/vendor/bin/qemu-props u:object_r:qemu_props_exec:s0
|
||||||
|
|
Loading…
Reference in a new issue