3b97552ffb
Allow run-as to transmit unix_stream_sockets from the shell user to Android apps. This is needed for Android Studio's profiling tool to allow communcation between apps and debugging tools which run as the shell user. Bug: 35672396 Test: Functionality was tested by shukang Test: policy compiles. Change-Id: I2cc2e4cd5b9071cbc7d6f6b5b0b71595fecb455e
32 lines
1 KiB
Text
32 lines
1 KiB
Text
type runas, domain, domain_deprecated, mlstrustedsubject;
|
|
type runas_exec, exec_type, file_type;
|
|
|
|
allow runas adbd:process sigchld;
|
|
allow runas shell:fd use;
|
|
allow runas shell:fifo_file { read write };
|
|
allow runas shell:unix_stream_socket { read write };
|
|
allow runas devpts:chr_file { read write ioctl };
|
|
allow runas shell_data_file:file { read write };
|
|
|
|
# run-as reads package information.
|
|
allow runas system_data_file:file r_file_perms;
|
|
|
|
# run-as checks and changes to the app data dir.
|
|
dontaudit runas self:capability dac_override;
|
|
allow runas app_data_file:dir { getattr search };
|
|
|
|
# run-as switches to the app UID/GID.
|
|
allow runas self:capability { setuid setgid };
|
|
|
|
# run-as switches to the app security context.
|
|
selinux_check_context(runas) # validate context
|
|
allow runas self:process setcurrent;
|
|
allow runas non_system_app_set:process dyntransition; # setcon
|
|
|
|
###
|
|
### neverallow rules
|
|
###
|
|
|
|
# run-as cannot have capabilities other than CAP_SETUID and CAP_SETGID
|
|
neverallow runas self:capability ~{ setuid setgid };
|
|
neverallow runas self:capability2 *;
|