252b015365
Because applications should be able to set the receive timeout on UDP encapsulation sockets, we need to allow setsockopt(). getsockopt() is an obvious allowance as well. Bug: 68689438 Test: compilation Merged-In: I2eaf72bcce5695f1aee7a95ec03111eca577651c Change-Id: I2eaf72bcce5695f1aee7a95ec03111eca577651c
7 lines
300 B
Text
7 lines
300 B
Text
# TODO: deal with tmpfs_domain pub/priv split properly
|
|
# Read system properties managed by zygote.
|
|
allow appdomain zygote_tmpfs:file read;
|
|
|
|
neverallow appdomain system_server:udp_socket {
|
|
accept append bind create ioctl listen lock name_bind
|
|
relabelfrom relabelto setattr shutdown };
|