From 972b000898a21a9b9eb43d209246dc671b3d815b Mon Sep 17 00:00:00 2001 From: Jeff Vander Stoep Date: Wed, 9 Dec 2020 08:58:23 +0100 Subject: [PATCH] system_app: remove adb data loader permissions Per schfan@ these are no longer needed. Test: build Bug: 188554048 Change-Id: Idda1d9775fdd38cbd53c3652b567ddfc5beca0a6 (cherry picked from commit 07aee666798f3ae5fa9f737948a9ccdbafe52e9d) Ignore-AOSP-First: It was submitted in aosp first. (cherry picked from commit 16b7d5d829bf2c457e230ccb328c69f33e6e031b) --- prebuilts/api/30.0/private/system_app.te | 6 ------ private/system_app.te | 6 ------ 2 files changed, 12 deletions(-) diff --git a/prebuilts/api/30.0/private/system_app.te b/prebuilts/api/30.0/private/system_app.te index 0b77bb372..06dac78ce 100644 --- a/prebuilts/api/30.0/private/system_app.te +++ b/prebuilts/api/30.0/private/system_app.te @@ -72,12 +72,6 @@ allow system_app anr_data_file:file create_file_perms; # Settings need to access app name and icon from asec allow system_app asec_apk_file:file r_file_perms; -# Allow system_app (adb data loader) to write data to /data/incremental -allow system_app apk_data_file:file write; - -# Allow system app (adb data loader) to read logs -allow system_app incremental_control_file:file r_file_perms; - # Allow system apps (like Settings) to interact with statsd binder_call(system_app, statsd) diff --git a/private/system_app.te b/private/system_app.te index 0b77bb372..06dac78ce 100644 --- a/private/system_app.te +++ b/private/system_app.te @@ -72,12 +72,6 @@ allow system_app anr_data_file:file create_file_perms; # Settings need to access app name and icon from asec allow system_app asec_apk_file:file r_file_perms; -# Allow system_app (adb data loader) to write data to /data/incremental -allow system_app apk_data_file:file write; - -# Allow system app (adb data loader) to read logs -allow system_app incremental_control_file:file r_file_perms; - # Allow system apps (like Settings) to interact with statsd binder_call(system_app, statsd)