Merge "neverallow init *:process noatsecure"

Treehugger Robot 2019-09-17 06:08:18 +00:00 committed by Gerrit Code Review
commit 4db20c6922


@ -586,6 +586,15 @@ neverallow init { app_data_file privapp_data_file }:lnk_file read;
# init should never execute a program without changing to another domain. # init should never execute a program without changing to another domain.
neverallow init { file_type fs_type }:file execute_no_trans; neverallow init { file_type fs_type }:file execute_no_trans;
# The use of sensitive environment variables, such as LD_PRELOAD, is disallowed
# when init is executing other binaries. The use of LD_PRELOAD for init spawned
# services is generally considered a no-no, as it injects libraries which the
# binary was not expecting. This is especially problematic for APEXes. The use
# of LD_PRELOAD via APEXes is a layering violation, and inappropriately loads
# code into a process which wasn't expecting that code, with potentially
# unexpected side effects. (b/140789528)
neverallow init *:process noatsecure;
# init can never add binder services # init can never add binder services
neverallow init service_manager_type:service_manager { add find }; neverallow init service_manager_type:service_manager { add find };
# init can never list binder services # init can never list binder services