Allow shell and adb to read tombstones
tombstones are now openable by these domains:
allow adbd tombstone_data_file:dir { getattr ioctl lock open read search watch watch_reads };
allow adbd tombstone_data_file:file { getattr ioctl lock map open read watch watch_reads };
allow dumpstate tombstone_data_file:dir { getattr ioctl lock open read search watch watch_reads };
allow dumpstate tombstone_data_file:file { getattr ioctl lock map open read watch watch_reads };
allow init tombstone_data_file:dir { add_name create getattr ioctl open read relabelfrom relabelto remove_name rmdir search setattr write };
allow init tombstone_data_file:fifo_file { create getattr open read relabelfrom relabelto setattr unlink };
allow init tombstone_data_file:file { create getattr map open read relabelfrom relabelto setattr unlink write };
allow init tombstone_data_file:sock_file { create getattr open read relabelfrom relabelto setattr unlink };
allow shell tombstone_data_file:dir { getattr ioctl lock open read search watch watch_reads };
allow shell tombstone_data_file:file { getattr ioctl lock map open read watch watch_reads };
allow system_server tombstone_data_file:dir { add_name getattr ioctl lock open read remove_name search watch watch_reads write };
allow system_server tombstone_data_file:file { append create getattr ioctl lock map open read rename setattr unlink watch watch_reads write };
allow tombstoned tombstone_data_file:dir { add_name getattr ioctl lock open read remove_name search watch watch_reads write };
allow tombstoned tombstone_data_file:file { append create getattr ioctl link lock map open read rename setattr unlink watch watch_reads write };
Test: adb unroot, ls, cat, adb pull
Bug: 312740614
Change-Id: I4a1af4fbdc48c5c5f4b0b33f124cea31af74dd87
This commit is contained in:
Florian Mayer
parent
bbff9f5ea1
commit
6c689e8438
3 changed files with 10 additions and 2 deletions
|
|
@ -226,6 +226,10 @@ allow adbd staging_data_file:file r_file_perms;
|
|||
# Allow adbd to pull /apex/apex-info-list.xml for CTS tests.
|
||||
allow adbd apex_info_file:file r_file_perms;
|
||||
|
||||
# allow reading tombstones. users can already use bugreports to get those.
|
||||
allow adbd tombstone_data_file:dir r_dir_perms;
|
||||
allow adbd tombstone_data_file:file r_file_perms;
|
||||
|
||||
###
|
||||
### Neverallow rules
|
||||
###
|
||||
|
|
|
|||
|
|
@ -132,9 +132,9 @@ allow appdomain apex_art_data_file:dir r_dir_perms;
|
|||
allow appdomain apex_art_data_file:file rx_file_perms;
|
||||
|
||||
# Allow access to tombstones if an fd to one is given to you.
|
||||
# This is restricted by unix permissions, so an app must go through system_server to get one.
|
||||
# An app cannot open the tombstone itself because it lacks `open`.
|
||||
allow appdomain tombstone_data_file:file { getattr read };
|
||||
neverallow appdomain tombstone_data_file:file ~{ getattr read };
|
||||
neverallow { appdomain -shell } tombstone_data_file:file ~{ getattr read };
|
||||
|
||||
# Execute the shell or other system executables.
|
||||
allow { appdomain -ephemeral_app -sdk_sandbox_all } shell_exec:file rx_file_perms;
|
||||
|
|
|
|||
|
|
@ -17,6 +17,10 @@ userdebug_or_eng(`
|
|||
# read config.gz for CTS purposes
|
||||
allow shell config_gz:file r_file_perms;
|
||||
|
||||
# allow reading tombstones. users can already use bugreports to get those.
|
||||
allow shell tombstone_data_file:dir r_dir_perms;
|
||||
allow shell tombstone_data_file:file r_file_perms;
|
||||
|
||||
# Run app_process.
|
||||
# XXX Transition into its own domain?
|
||||
app_domain(shell)
|
||||
|
|
|
|||
Loading…
Reference in a new issue