Add mlstrustedobject to appfuse object type.
To write bytes to appfuse file from priv_app, we need to specify
mlstrustedobject.
The CL fixes the following denial.
type=1400 audit(0.0:77): avc: denied { write } for name="10" dev="fuse" ino=10 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:app_fuse_file:s0 tclass=file permissive=0
BUG=23093747
(cherry picked from commit 4d19f98c72
)
Change-Id: I9901033bb3349d5def0bd7128db45a1169856dc1
This commit is contained in:
parent
f51c05485c
commit
f19fb0c973
1 changed files with 1 additions and 1 deletions
2
file.te
2
file.te
|
@ -197,7 +197,7 @@ type bluetooth_efs_file, file_type;
|
|||
# Type for fingerprint template file.
|
||||
type fingerprintd_data_file, file_type, data_file_type;
|
||||
# Type for appfuse file.
|
||||
type app_fuse_file, file_type, data_file_type;
|
||||
type app_fuse_file, file_type, data_file_type, mlstrustedobject;
|
||||
|
||||
# Socket types
|
||||
type adbd_socket, file_type;
|
||||
|
|
Loading…
Reference in a new issue