tequilaOS/platform_system_sepolicy

Fork 0

Commit graph

Author	SHA1	Message	Date
Carmen Jackson	2d6fb3971b	Ensure that only desired processes can access TracingServiceProxy This change adds a neverallow rule in traced.te to limit the processes that can find tracingproxy_service, the context for TracingServiceProxy. I wanted to avoid moving the tracingproxy_service definition to public, so there were a few services that are exempted from this neverallow rule. Bug: 191391382 Test: Manually verified that with this change, along with the other change in this topic, I see no errors when taking a bugreport while a Traceur trace is running and the expected trace is included in the generated bugreport. Change-Id: I28d0b1b08baac43a53fe5a1ff0f67b788d51dc74 Merged-In: I8658df0db92ae9cf4fefe2eebb4d6d9a5349ea89	2021-06-24 18:42:57 +00:00
Jeff Sharkey	6a5fd26e7a	platform/system/sepolicy - SEPolicy Prebuilts for S Bug: 171506470 Test: Build Change-Id: I8bf6c8833ecc65ca241fb9bc8be1b7b919825414	2021-06-01 06:49:23 -06:00

Author

SHA1

Message

Date

Carmen Jackson

2d6fb3971b

Ensure that only desired processes can access TracingServiceProxy

This change adds a neverallow rule in traced.te to limit the processes
that can find tracingproxy_service, the context for TracingServiceProxy.

I wanted to avoid moving the tracingproxy_service definition to public,
so there were a few services that are exempted from this neverallow
rule.

Bug: 191391382
Test: Manually verified that with this change, along with the other
change in this topic, I see no errors when taking a bugreport while a
Traceur trace is running and the expected trace is included in the
generated bugreport.

Change-Id: I28d0b1b08baac43a53fe5a1ff0f67b788d51dc74
Merged-In: I8658df0db92ae9cf4fefe2eebb4d6d9a5349ea89

2021-06-24 18:42:57 +00:00

Jeff Sharkey

6a5fd26e7a

platform/system/sepolicy - SEPolicy Prebuilts for S

Bug: 171506470
Test: Build
Change-Id: I8bf6c8833ecc65ca241fb9bc8be1b7b919825414

2021-06-01 06:49:23 -06:00

2 commits