tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

am 6399f40f: Merge "add execmod to various app domains"

Browse source 
* commit '6399f40faa36adc6a1745d37dbf9cc567e3ae6c5':
  add execmod to various app domains
This commit is contained in:
Nick Kralevich 2014-06-03 13:33:10 +00:00 committed by Android Git Automerger
commit 06413106b1
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app.te
View file

@ -51,7 +51,7 @@ allow appdomain app_data_file:notdevfile_class_set create_file_perms;
# lib subdirectory of /data/data dir is system-owned.
allow appdomain system_data_file:dir r_dir_perms;
allow appdomain system_data_file:file { execute execute_no_trans open };
allow appdomain system_data_file:file { execute execute_no_trans open execmod };
# Access to OEM provided data and apps
allow appdomain oemfs:dir r_dir_perms;

4
untrusted_app.te
View file

@ -27,7 +27,7 @@ bluetooth_domain(untrusted_app)
# Some apps ship with shared libraries and binaries that they write out
# to their sandbox directory and then execute.
allow untrusted_app app_data_file:file rx_file_perms;
allow untrusted_app app_data_file:file { rx_file_perms execmod };
allow untrusted_app tun_device:chr_file rw_file_perms;
@ -35,7 +35,7 @@ allow untrusted_app tun_device:chr_file rw_file_perms;
allow untrusted_app asec_apk_file:dir { getattr };
allow untrusted_app asec_apk_file:file r_file_perms;
# Execute libs in asec containers.
allow untrusted_app asec_public_file:file execute;
allow untrusted_app asec_public_file:file { execute execmod };
# Allow the allocation and use of ptys
# Used by: https://play.google.com/store/apps/details?id=jackpal.androidterm