This website requires JavaScript.
Explore
Help
Register
Sign In
tequilaOS
/
platform_system_sepolicy
Watch
2
Star
0
Fork
You've already forked platform_system_sepolicy
0
Code
Issues
Pull requests
Projects
Releases
Packages
Wiki
Activity
f0264fe2e9
platform_system_sepolicy
/
public
/
zygote.te
4 lines
88 B
Text
Raw
Normal View
History
Unescape
Escape
SE Android policy.
2012-01-04 18:33:27 +01:00
# zygote
Move zygote policy to private This leaves only the existence of zygote domain and its executable's zygote_exec file label as public API. All other rules are implementation details of this domain's policy and are thus now private. Test: Device boot, apps (untrusted_app, system_app, platform_app, priv_app) work fine. No new denials. Bug: 31364497 Change-Id: Ie37128531be841b89ecd602992d83d77e26533bc
2017-01-26 20:16:40 +01:00
type zygote, domain;
Introduce system_file_type system_file_type is a new attribute used to identify files which exist on the /system partition. It's useful for allow rules in init, which are based off of a blacklist of writable files. Additionally, it's useful for constructing neverallow rules to prevent regressions. Additionally, add commented out tests which enforce that all files on the /system partition have the system_file_type attribute. These tests will be uncommented in a future change after all the device-specific policies are cleaned up. Test: Device boots and no obvious problems. Change-Id: Id9bae6625f042594c8eba74ca712abb09702c1e5
2018-09-27 19:21:37 +02:00
type zygote_exec, system_file_type, exec_type, file_type;
Reference in a new issue
Copy permalink