Revert "Prevent isolated_app from searching system_data_file."

This reverts commit 8dea731805.

Reason for revert: b/162048565: broke access to /data/misc/shared_relro

Bug: 158088415
Fix: 162048565
Test: atest CtsAppSecurityHostTestCases:android.appsecurity.cts.AppDataIsolationTests
Ignore-AOSP-First: Needs to be in topic with CTS to avoid test breakage.
Change-Id: Ia0f7b6bd575f1d1c95f11a356a5463b72dde9b10
Alan Stokes 2020-10-15 16:44:52 +00:00
parent 89bdebac9a
commit 495e0e7997
2 changed files with 3 additions and 8 deletions


@ -74,9 +74,6 @@ can_profile_perf(isolated_app)
# Isolated apps should not directly open app data files themselves.
neverallow isolated_app { app_data_file privapp_data_file }:file open;
# Isolated aps should not be directly accessing system directories
neverallow isolated_app system_data_file:dir search;
# Only allow appending to /data/anr/traces.txt (b/27853304, b/18340553)
# TODO: are there situations where isolated_apps write to this file?
# TODO: should we tighten these restrictions further?


@ -238,12 +238,10 @@ not_full_treble(`
allow domain system_data_file:dir getattr;
')
allow { coredomain appdomain } system_data_file:dir getattr;
# /data has the label system_data_root_file. Many components need search
# permission on system_data_root_file for path traversal.
# /data has the label system_data_root_file. Vendor components need the search
# permission on system_data_root_file for path traversal to /data/vendor.
allow domain system_data_root_file:dir { search getattr } ;
# Isolated apps have no need to traverse system_data_file dirs
allow { domain -isolated_app } system_data_file:dir search;
# Vendor components need access to /dara/vendor
allow domain system_data_file:dir search;
# TODO restrict this to non-coredomain
allow domain vendor_data_file:dir { getattr search };
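Review bot: The restored comment above `allow domain system_data_file:dir search;` still reads `/dara/vendor` and describes only vendor components, while the rule grants search on every system_data_file directory to every domain, including isolated_app — the exact grant the reverted change had narrowed. Since the stated revert reason is that isolated apps lost access to /data/misc/shared_relro (presumably because reaching it requires search on /data/misc, which carries this label), recording that dependency next to the rule would stop the next tightening attempt from breaking it the same way; suggest `# Vendor components need access to /data/vendor. Isolated apps also need`, `# to traverse /data/misc for /data/misc/shared_relro (b/162048565), so any`, `# future carve-out must keep that path reachable.` The existing `TODO restrict this to non-coredomain` still applies and could reference the same bug so the two constraints are considered together.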