clatd: remove spurious privs
Since the clatd has some code cleanup, these privs are not required anymore. Bug: 212345928 Test: manual test 1. Connect to ipv6-only wifi. 2. Try IPv4 traffic. $ ping 8.8.8.8 Change-Id: Ib801a190f9c14ee488bc77a43ac59c78c44773ab
This commit is contained in:
Hungming Chen
parent
d6a5b604ce
commit
7f4a2ab9fe
1 changed files with 0 additions and 8 deletions
|
|
@ -4,18 +4,10 @@ type clatd_exec, system_file_type, exec_type, file_type;
|
|||
|
||||
net_domain(clatd)
|
||||
|
||||
r_dir_file(clatd, proc_net_type)
|
||||
userdebug_or_eng(`
|
||||
auditallow clatd proc_net_type:{ dir file lnk_file } { getattr open read };
|
||||
')
|
||||
|
||||
# Access objects inherited from netd.
|
||||
allow clatd netd:fd use;
|
||||
allow clatd netd:fifo_file { read write };
|
||||
allow clatd netd:packet_socket { read write };
|
||||
allow clatd netd:rawip_socket { read write };
|
||||
|
||||
allow clatd self:global_capability_class_set { net_admin net_raw setuid setgid };
|
||||
|
||||
allow clatd self:netlink_route_socket nlmsg_write;
|
||||
allow clatd tun_device:chr_file rw_file_perms;
|
||||
|
|
|
|||
Loading…
Reference in a new issue