tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
330 commits 1 branch 0 tags 50 MiB
Commit graph

7 commits

Author SHA1 Message Date
Stephen Smalley
4b60cc3033 Do not allow reading all directories for the CTS. 
The test gracefully handles unreadable directories, so
we do not need to allow this for all file types.

Change-Id: Ib5f5be7cacc3f0270b72c046200cc3d21f3fc374
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-04-04 12:21:33 -04:00
Stephen Smalley
33da609157 Allow all domains to read /dev symlinks. 
Change-Id: I448a5553937a98775178b94f289ccb45ae862876
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-04-04 12:21:06 -04:00
Stephen Smalley
c37856c4d2 Remove unnecessary rules. 
Redundant with other rules or not required for untrusted app.

Change-Id: Idb5d50326cc14696423cf133508c0d013c5928a6
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-04-04 12:20:33 -04:00
Stephen Smalley
cfd9b6ba0b Allow apps to execute the shell or system commands unconditionally. 
Change-Id: I54af993bd478d6b8d0462d43950bb1a991131c82
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
 2013-04-04 12:20:11 -04:00
Haiqing Jiang
173cbdd352 read permission over lnk_file to devices when android_cts enabled 2012-07-30 16:02:36 -04:00
Haiqing Jiang
1ce0fe382a appdomain r/w apk_tmp_file and shell_data_file on android_cts enabled 2012-07-30 08:26:40 -04:00
Stephen Smalley
2dd4e51d5c SE Android policy. 2012-01-04 12:33:27 -05:00