am 018e9402: Prohibit reading of untrusted symlinks via neverallow.

* commit '018e9402c656c20289ea382dc72f958aa7e054d1':
  Prohibit reading of untrusted symlinks via neverallow.
Stephen Smalley 2014-09-02 21:26:08 +00:00 committed by Android Git Automerger
commit 3f0ce9e096


@ -117,3 +117,7 @@ allow init kernel:process setsched;
neverallow { domain -kernel} init:process dyntransition;
neverallow domain init:process transition;
neverallow init { file_type fs_type }:file entrypoint;
# Never read/follow symlinks created by shell or untrusted apps.
neverallow init shell_data_file:lnk_file read;
neverallow init app_data_file:lnk_file read;
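Review bot: The two new rules at the end of the hunk differ only in the target type and could be a single assertion, using the set syntax that the entrypoint rule just above them already uses: `neverallow init { shell_data_file app_data_file }:lnk_file read;`. That keeps the list of untrusted-writable types in one place for when another such type needs to be added. The comment could also state the reason, e.g. `# init is privileged; a symlink planted in shell- or app-writable data must never redirect its file accesses.` Only init is constrained in the visible lines; whether other privileged domains in the policy carry the same assertion cannot be told from this hunk.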