Merge "Add neverallow rules further restricing service_manager."
commit
c0088b8064
2 changed files with 12 additions and 0 deletions
|
@ -289,3 +289,10 @@ neverallow domain {fs_type -contextmount_type}:filesystem relabelto;
|
|||
# mount to another type.
|
||||
neverallow { domain -recovery } contextmount_type:dir_file_class_set
|
||||
{ create write setattr relabelfrom relabelto append unlink link rename };
|
||||
|
||||
# Do not allow service_manager add for default_android_service.
|
||||
# Instead domains should use a more specific type such as
|
||||
# system_app_service rather than the generic type.
|
||||
# New service_types are defined in service.te and new mappings
|
||||
# from service name to service_type are defined in service_contexts.
|
||||
neverallow domain default_android_service:service_manager add;
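Review bot: The comment above `neverallow domain default_android_service:service_manager add;` says what to use instead but not what the rule protects against. Going by the comment's description of service_contexts, a service name with no mapping presumably falls back to the generic type, so a domain holding `add` on it could register any unmapped name; that is inferred, not shown in this hunk. I would add a line such as `# add on the generic type would let a domain register any service name that has no service_contexts entry.` if that matches the intent. The rule has no exceptions (`domain` with no subtraction), so it is worth confirming no existing allow rule elsewhere in the policy still grants this permission.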
|
||||
|
|
|
@ -71,3 +71,8 @@ allow untrusted_app cache_file:file create_file_perms;
|
|||
# Too much leaky information in debugfs. It's a security
|
||||
# best practice to ensure these files aren't readable.
|
||||
neverallow untrusted_app debugfs:file read;
|
||||
|
||||
# Do not allow untrusted apps to register services.
|
||||
# Only trusted components of Android should be registering
|
||||
# services.
|
||||
neverallow untrusted_app service_manager_type:service_manager add;
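Review bot: The rule `neverallow untrusted_app service_manager_type:service_manager add;` only covers service types that carry the `service_manager_type` attribute, and the comment does not state that dependency. A service type declared without the attribute would fall outside this neverallow, so a later allow rule granting untrusted_app `add` on it would not fail the build; the attribute declarations are not visible in this hunk, so this is an assumption to verify. I would extend the comment with `# Relies on every service type carrying the service_manager_type attribute.` so reviewers of new types know to check it.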
|
||||
|
|