adb: add adbd -> shell signal permissions.
adbd needs to kill spawned subprocesses if the client terminates the connection. SIGHUP will be used for this purpose, which requires the process:signal permission. Bug: http://b/23825725 Change-Id: I36d19e14809350dd6791a8a44f01b2169effbfd4
This commit is contained in:
David Pursell
parent
c37121436b
commit
05056457d4
1 changed files with 3 additions and 2 deletions
5
adbd.te
5
adbd.te
|
|
@ -9,8 +9,9 @@ userdebug_or_eng(`
|
|||
|
||||
domain_auto_trans(adbd, shell_exec, shell)
|
||||
|
||||
# Do not sanitize the environment or open fds of the shell.
|
||||
allow adbd shell:process noatsecure;
|
||||
# Do not sanitize the environment or open fds of the shell. Allow signaling
|
||||
# created processes.
|
||||
allow adbd shell:process { noatsecure signal };
|
||||
|
||||
# Set UID and GID to shell. Set supplementary groups.
|
||||
allow adbd self:capability { setuid setgid };
|
||||
|
|
|
|||
Loading…
Reference in a new issue