tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update text relocation neverallow assertions

Browse source 
am: 89424bf947

* commit '89424bf9470931df90afa4f6d141b3696ad5a632':
  Update text relocation neverallow assertions
This commit is contained in:
Nick Kralevich 2015-10-28 01:21:01 +00:00 committed by android-build-merger
commit 984b0030a1
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
domain.te
View file

@ -417,7 +417,6 @@ neverallow { domain userdebug_or_eng(`-dumpstate -shell -su') } su_exec:file no_
# which, long term, need to go away. # which, long term, need to go away.
neverallow domain { neverallow domain {
file_type file_type
-system_file # needs to die. b/20013628
-system_data_file -system_data_file
-apk_data_file -apk_data_file
-app_data_file -app_data_file
@ -429,9 +428,9 @@ neverallow domain {
# required by some device-specific service domains. # required by some device-specific service domains.
neverallow domain self:process { execstack execheap }; neverallow domain self:process { execstack execheap };
# TODO: prohibit non-zygote spawned processes from using shared libraries # prohibit non-zygote spawned processes from using shared libraries
# with text relocations. b/20013628 . # with text relocations. b/20013628 .
# neverallow { domain -appdomain } file_type:file execmod; neverallow { domain -appdomain } file_type:file execmod;
neverallow { domain -init } proc:{ file dir } mounton; neverallow { domain -init } proc:{ file dir } mounton;