tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

allow run-as to access /data/local/tmp

Browse source 
Otherwise denials like the following occur:

avc: denied { write } for path="/data/local/tmp/foo" dev="dm-0" ino=325769 scontext=u:r:runas:s0 tcontext=u:object_r:shell_data_file:s0 tclass=file
avc: denied { read } for path="/data/local/tmp/foo" dev="dm-0" ino=325769 scontext=u:r:runas:s0 tcontext=u:object_r:shell_data_file:s0 tclass=file

Steps to reproduce:

$ run-as com.google.android.talk id > /data/local/tmp/id.out
$ run-as com.google.android.talk cat < /data/local/tmp/id.out

Change-Id: I68a7b804336a3d5776dcc31622f1279380282030
This commit is contained in:
Nick Kralevich 2014-11-07 16:21:42 -08:00
parent ee58864b95
commit dd8571aa24
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
runas.te
View file

@ -7,6 +7,7 @@ allow runas adbd:process sigchld;
allow runas shell:fd use;
allow runas shell:fifo_file { read write };
allow runas devpts:chr_file { read write ioctl };
allow runas shell_data_file:file { read write };
# run-as reads package information.
allow runas system_data_file:file r_file_perms;