09b27c7109
For visibility Bug: 232023812 Test: N/A Change-Id: I0bc6dc568210b81ba1f52acb18afd4bcc454ea1c
18 lines
666 B
Text
18 lines
666 B
Text
###
|
|
### Ephemeral apps.
|
|
###
|
|
### This file defines the security policy for apps with the ephemeral
|
|
### feature.
|
|
###
|
|
### The ephemeral_app domain is a reduced permissions sandbox allowing
|
|
### ephemeral applications to be safely installed and run. Non ephemeral
|
|
### applications may also opt-in to ephemeral to take advantage of the
|
|
### additional security features.
|
|
###
|
|
### PackageManager flags an app as ephemeral at install time.
|
|
|
|
type ephemeral_app, domain;
|
|
|
|
# system/sepolicy/public is for vendor-facing type and attribute definitions.
|
|
# DO NOT ADD allow, neverallow, or dontaudit statements here.
|
|
# Instead, add such policy rules to system/sepolicy/private/*.te.
|