tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add permissions back to app / shell domains

Browse source 
am: 8ff6a86da5

* commit '8ff6a86da526b18951c24a7971d71aac15f0fbca':
  Add permissions back to app / shell domains
This commit is contained in:
Nick Kralevich 2015-12-02 00:41:22 +00:00 committed by android-build-merger
commit f7a0cc51ab
2 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
app.te
View file

@ -29,6 +29,16 @@ allow appdomain zygote:process sigchld;
allow appdomain cgroup:dir { search write }; allow appdomain cgroup:dir { search write };
allow appdomain cgroup:file w_file_perms; allow appdomain cgroup:file w_file_perms;
# Read /data/dalvik-cache.
allow appdomain dalvikcache_data_file:dir { search getattr };
allow appdomain dalvikcache_data_file:file r_file_perms;
# Read the /sdcard symlink
allow appdomain rootfs:lnk_file r_file_perms;
# Search /storage/emulated tmpfs mount.
allow appdomain tmpfs:dir r_dir_perms;
userdebug_or_eng(` userdebug_or_eng(`
# Notify zygote of the wrapped process PID when using --invoke-with. # Notify zygote of the wrapped process PID when using --invoke-with.
allow appdomain zygote:fifo_file write; allow appdomain zygote:fifo_file write;

3
shell.te
View file

@ -25,6 +25,9 @@ userdebug_or_eng(`
allow shell adbd:fd use; allow shell adbd:fd use;
allow shell adbd:unix_stream_socket { read write ioctl getattr }; allow shell adbd:unix_stream_socket { read write ioctl getattr };
# Root fs.
allow shell rootfs:dir r_dir_perms;
# read files in /data/anr # read files in /data/anr
allow shell anr_data_file:dir r_dir_perms; allow shell anr_data_file:dir r_dir_perms;
allow shell anr_data_file:file r_file_perms; allow shell anr_data_file:file r_file_perms;