Do not allow untrusted apps to read sysfs_net files am: 804d99ac76 am: 8f5e8e5b82 am: 9da4097fd6

am: d74e873fc1 Change-Id: I86b8077eb8976848242c19534205ed0d2c28dee6
2019-08-20 23:55:36 -07:00 · 2019-08-20 23:55:36 -07:00 · d660ddedb0
commit d660ddedb0
parent b8f6aaa8b5 d74e873fc1
1 changed files with 1 additions and 0 deletions
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@ -87,6 +87,7 @@ neverallow all_untrusted_apps file_type:file link;

 # Do not allow untrusted apps to access network MAC address file
 neverallow all_untrusted_apps sysfs_mac_address:file no_rw_file_perms;
+neverallow all_untrusted_apps sysfs_net:file no_rw_file_perms;

 # Do not allow any write access to files in /sys
 neverallow all_untrusted_apps sysfs_type:file { no_w_file_perms no_x_file_perms };