tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

am 0cefb701: Merge "Remove setting /proc/self/attr/* from unconfined."

Browse source 
* commit '0cefb70170fcc2bf88e0fb3737a2dd0680bdb123':
  Remove setting /proc/self/attr/* from unconfined.
This commit is contained in:
Nick Kralevich 2014-05-27 17:08:05 +00:00 committed by Android Git Automerger
commit 7149486724
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
unconfined.te
View file

@ -20,7 +20,7 @@ allow unconfineddomain self:capability ~{ sys_ptrace sys_rawio mknod sys_module
allow unconfineddomain self:capability2 ~{ mac_override mac_admin };
allow unconfineddomain kernel:security ~{ load_policy setenforce setcheckreqprot setbool setsecparam };
allow unconfineddomain kernel:system *;
allow unconfineddomain domain:process ~{ execmem execstack execheap ptrace transition dyntransition };
allow unconfineddomain domain:process ~{ execmem execstack execheap ptrace transition dyntransition setexec setfscreate setcurrent setkeycreate setsockcreate };
allow unconfineddomain domain:fd *;
allow unconfineddomain domain:dir r_dir_perms;
allow unconfineddomain domain:lnk_file r_file_perms;