Merge "system_server: allow appendable file descriptors" am: 184851a212
am: a9aac6a9bf
am: e3f33e9824
Change-Id: I8c343c8c51828af7a34a95fcb04cd08a493376ae
This commit is contained in:
commit
2c758812e0
1 changed files with 3 additions and 3 deletions
|
@ -200,7 +200,7 @@ allow system_server sysfs_thermal:dir search;
|
|||
allow system_server sysfs_thermal:file r_file_perms;
|
||||
|
||||
# TODO: Remove when HALs are forced into separate processes
|
||||
allow system_server sysfs_vibrator:file write;
|
||||
allow system_server sysfs_vibrator:file { write append };
|
||||
|
||||
# TODO: added to match above sysfs rule. Remove me?
|
||||
allow system_server sysfs_usb:file w_file_perms;
|
||||
|
@ -308,10 +308,10 @@ allow system_server system_app_data_file:file create_file_perms;
|
|||
|
||||
# Receive and use open app data files passed over binder IPC.
|
||||
# Types extracted from seapp_contexts type= fields.
|
||||
allow system_server { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file }:file { getattr read write };
|
||||
allow system_server { system_app_data_file bluetooth_data_file nfc_data_file radio_data_file shell_data_file app_data_file }:file { getattr read write append };
|
||||
|
||||
# Receive and use open /data/media files passed over binder IPC.
|
||||
allow system_server media_rw_data_file:file { getattr read write };
|
||||
allow system_server media_rw_data_file:file { getattr read write append };
|
||||
|
||||
# Relabel apk files.
|
||||
allow system_server { apk_tmp_file apk_private_tmp_file }:{ dir file } { relabelfrom relabelto };
|
||||
|
|
Loading…
Reference in a new issue