Removing file system remount permission from vold
There is no reason for vold to have this permission, and a proper auditallow rule has been used and monitored to ensure that nothing on android uses this permission. Bug: 26901147 Test: Phone boots Change-Id: Id36ed2722348f433fe3d046a3429066338230fec
This commit is contained in:
Max
parent
a95c52e347
commit
16c889c51f
1 changed files with 1 additions and 4 deletions
|
|
@ -93,10 +93,7 @@ allow vold ion_device:chr_file r_file_perms;
|
||||||
#
|
#
|
||||||
|
|
||||||
# Unmount and mount the fs.
|
# Unmount and mount the fs.
|
||||||
allow vold labeledfs:filesystem { mount unmount remount };
|
allow vold labeledfs:filesystem { mount unmount };
|
||||||
# audit any attempts of vold to remount a filesystem, monitor in a few weeks
|
|
||||||
# then remove
|
|
||||||
auditallow vold labeledfs:filesystem { remount };
|
|
||||||
|
|
||||||
# Access /efs/userdata_footer.
|
# Access /efs/userdata_footer.
|
||||||
# XXX Split into a separate type?
|
# XXX Split into a separate type?
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue