init.te: Don't allow mounting on top of /proc
Don't allow init to mount on top of /proc. See https://android-review.googlesource.com/148295 for details. Change-Id: I65f66b39f3a5bfb72facb9f716f4537ac2237af1
This commit is contained in:
Nick Kralevich
parent
90c64542a2
commit
e05487acc3
1 changed files with 0 additions and 2 deletions
2
init.te
2
init.te
|
|
@ -45,8 +45,6 @@ allow init self:capability sys_admin;
|
||||||
allow init rootfs:dir create_dir_perms;
|
allow init rootfs:dir create_dir_perms;
|
||||||
allow init rootfs:dir mounton;
|
allow init rootfs:dir mounton;
|
||||||
|
|
||||||
allow init proc:dir mounton;
|
|
||||||
|
|
||||||
# Mount on /dev/usb-ffs/adb.
|
# Mount on /dev/usb-ffs/adb.
|
||||||
allow init device:dir mounton;
|
allow init device:dir mounton;
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue