tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Remove sys_boot

Browse source 
sys_boot is not needed for adb as of system/core commit
ca8e66a8b0f843812014a28d49208f9f6f64ecbc

sys_boot is not needed for system server as of frameworks/base
commit dbcf2d7482562eff45ac727cea799b37a260e399

Change-Id: I61379ea858e05acd239c9b16e4e2bf454af3f51c
This commit is contained in:
Nick Kralevich 2013-05-09 09:08:25 -07:00
parent 816cf987a1
commit 2bfb59df61
2 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
adbd.te
View file

@ -3,7 +3,7 @@
type adbd, domain, mlstrustedsubject;
allow adbd adb_device:chr_file rw_file_perms;
allow adbd qemu_device:chr_file rw_file_perms;
allow adbd self:capability { net_raw setgid setuid dac_override sys_boot sys_admin };
allow adbd self:capability { net_raw setgid setuid dac_override sys_admin };
allow adbd rootfs:file { r_file_perms entrypoint };
allow adbd init:process sigchld;
allow adbd self:tcp_socket *;

2
system.te
View file

@ -48,7 +48,7 @@ bluetooth_domain(system)
# These are the capabilities assigned by the zygote to the
# system server.
# XXX See if we can remove some of these.
allow system self:capability { kill net_bind_service net_broadcast net_admin net_raw sys_module sys_boot sys_nice sys_resource sys_time sys_tty_config };
allow system self:capability { kill net_bind_service net_broadcast net_admin net_raw sys_module sys_nice sys_resource sys_time sys_tty_config };
# Triggered by /proc/pid accesses, not allowed.
dontaudit system self:capability sys_ptrace;