Merge "make system_app_data_file shareable over binder" am: 7216b3aa00
Original change: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1736243 Change-Id: Ic055764f86525b82d85a5d6524a2c4e2ba558361
This commit is contained in:
commit
5c90c86b4f
1 changed files with 1 additions and 1 deletions
|
@ -70,7 +70,7 @@ allow { appdomain -isolated_app -mlstrustedsubject } { app_data_file privapp_dat
|
|||
allow { appdomain -isolated_app -mlstrustedsubject } { app_data_file privapp_data_file }:file create_file_perms;
|
||||
|
||||
# Access via already open fds is ok even for mlstrustedsubject.
|
||||
allow { appdomain -isolated_app } { app_data_file privapp_data_file }:file { getattr map read write };
|
||||
allow { appdomain -isolated_app } { app_data_file privapp_data_file system_app_data_file }:file { getattr map read write };
|
||||
|
||||
# Traverse into expanded storage
|
||||
allow appdomain mnt_expand_file:dir r_dir_perms;
|
||||
|
|
Loading…
Reference in a new issue