b3cb9695c4
init_shell domain is now only used for shell commands or scripts invoked by init*.rc files, never for an interactive shell. It was being used for console service for a while but console service is now assigned shell domain via seclabel in init.rc. We may want to reconsider the shelldomain rules for init_shell and whether they are still appropriate. shell domain is now used by both adb shell and console service, both of which also run in the shell UID. su domain is now used not only for /system/bin/su but also for adbd and its descendants after an adb root is performed. Change-Id: I502ab98aafab7dafb8920ccaa25e8fde14a8f572 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
# File types must be defined for file_contexts.
# su_exec carries the exec_type and file_type attributes and is the
# entrypoint type named in the domain transitions into su further down.
# It is declared outside the userdebug_or_eng wrapper, so the file type
# itself is defined regardless of build variant; only the su domain and
# its rules are conditional.
type su_exec, exec_type, file_type;
userdebug_or_eng(`
  # NOTE(review): the whole body of this wrapper is a single m4 quoted
  # argument. Keep quote characters out of any comment added here, or
  # the quoting ends early and the policy build breaks.

  # Domain used for su processes, as well as for adbd and adb shell
  # after performing an adb root command.  The domain definition is
  # wrapped to ensure that it does not exist at all on -user builds.
  type su, domain;
  # Executing a file labeled su_exec from the shell domain transitions
  # the new process into su automatically.
  domain_auto_trans(shell, su_exec, su)

  # Allow dumpstate to call su on userdebug / eng builds to collect
  # additional information. Same automatic transition as for shell,
  # so anything dumpstate runs via su_exec ends up in the su domain.
  domain_auto_trans(dumpstate, su_exec, su)

  # su is unconfined.
  unconfined_domain(su)

  # Extra permissions granted explicitly on top of unconfined_domain.
  # NOTE(review): presumably these are not covered by the macro above;
  # confirm against its definition before removing any of them.
  # Execute access to the ashmem device node and executable memory
  # mappings within the su process itself.
  allow su ashmem_device:chr_file execute;
  allow su self:process execmem;
  # su_tmpfs is not declared in this file; presumably tmpfs_domain
  # declares it for su. Confirm in te_macros.
  tmpfs_domain(su)
  allow su su_tmpfs:file execute;
  # Lets su set properties labeled debuggerd_prop through the
  # property service.
  allow su debuggerd_prop:property_service set;

  # su is also permissive to permit setenforce.
  # NOTE(review): a permissive domain has its denials logged but not
  # enforced, so the allow rules above do not bound what su can do.
  # Within this file the only restriction on su is the build-variant
  # wrapper, which keeps the domain out of -user builds. Any audit of
  # a device image should check that su is absent from the compiled
  # policy on -user builds.
  permissive su;
')