platform_system_sepolicy/public/ephemeral_app.te

###
### Ephemeral apps.
###
### This file defines the security policy for apps with the ephemeral
### feature.
###
### The ephemeral_app domain is a reduced permissions sandbox allowing
### ephemeral applications to be safely installed and run. Non ephemeral
### applications may also opt-in to ephemeral to take advantage of the
### additional security features.
###
### PackageManager flags an app as ephemeral at install time.

type ephemeral_app, domain;

# system/sepolicy/public is for vendor-facing type and attribute definitions.
# DO NOT ADD allow, neverallow, or dontaudit statements here.
# Instead, add such policy rules to system/sepolicy/private/*.te.
Rename autoplay_app to ephemeral_app Test: Builds and boots Change-Id: I3db64e12f0390c6940f5745eae83ce7efa7d65a9 2016-10-06 22:15:44 +02:00			`###`
			`### Ephemeral apps.`
			`###`
			`### This file defines the security policy for apps with the ephemeral`
			`### feature.`
			`###`
			`### The ephemeral_app domain is a reduced permissions sandbox allowing`
			`### ephemeral applications to be safely installed and run. Non ephemeral`
			`### applications may also opt-in to ephemeral to take advantage of the`
			`### additional security features.`
			`###`
			`### PackageManager flags an app as ephemeral at install time.`

Move ephemeral_app policy to private This leaves only the existence of ephemeral_app domain as public API. All other rules are implementation details of this domain's policy and are thus now private. There are a few rules, defined by other domains' files remaining in the public policy until the rules from these domains also move to the private policy: allow ephemeral_app_current appdomain:binder transfer; allow ephemeral_app_current audioserver_current:binder transfer; allow ephemeral_app_current drmserver_current:binder transfer; allow ephemeral_app_current dumpstate_current:binder transfer; allow ephemeral_app_current mediaserver_current:binder transfer; allow ephemeral_app_current surfaceflinger_current:binder transfer; allow ephemeral_app_current system_server_current:binder transfer; Test: No change to policy according to sesearch, except for disappearance of all allow rules from platform_app_current attribute (as expected). Bug: 31364497 Change-Id: I98687181434a98a141469ef676c461fcd1db2d4e 2017-01-10 00:34:27 +01:00			`type ephemeral_app, domain;`
Add "DO NOT ADD statements" comments to public For visibility Bug: 232023812 Test: N/A Change-Id: I0bc6dc568210b81ba1f52acb18afd4bcc454ea1c 2024-03-28 02:37:28 +01:00
			`# system/sepolicy/public is for vendor-facing type and attribute definitions.`
			`# DO NOT ADD allow, neverallow, or dontaudit statements here.`
			`# Instead, add such policy rules to system/sepolicy/private/*.te.`