tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "eliminate some anr_data_file permissions."

Browse source
This commit is contained in:
Nick Kralevich 2015-08-22 19:09:18 +00:00 committed by Gerrit Code Review
commit acfd140c04
2 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
dumpstate.te
View file

@ -24,9 +24,8 @@ allow dumpstate system_file:file execute_no_trans;
# Create and write into /data/anr/
allow dumpstate self:capability { dac_override chown fowner fsetid };
allow dumpstate anr_data_file:dir { rw_dir_perms relabelto };
allow dumpstate anr_data_file:dir rw_dir_perms;
allow dumpstate anr_data_file:file create_file_perms;
allow dumpstate system_data_file:dir { create_dir_perms relabelfrom };
# Allow reading /data/system/uiderrors.txt
# TODO: scope this down.

5
system_server.te
View file

@ -269,9 +269,10 @@ allow system_server system_data_file:file relabelfrom;
allow system_server wallpaper_file:file relabelto;
allow system_server wallpaper_file:file { rw_file_perms unlink };
# Relabel /data/anr.
# This was originally required for relabeling /data/anr,
# but should not be used anymore. TODO: remove it.
allow system_server system_data_file:dir relabelfrom;
allow system_server anr_data_file:dir relabelto;
auditallow system_server system_data_file:dir relabelfrom;
# Property Service write
set_prop(system_server, system_prop)