5637099a25
As has already been done for untrusted_app, isolated_app, and bluetooth, make all the other domains used for app processes confined while making them permissive until sufficient testing has been done. Change-Id: If55fe7af196636c49d10fc18be2f44669e2626c5 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
14 lines
288 B
Text
14 lines
288 B
Text
###
|
|
### Apps signed with the shared key.
|
|
###
|
|
|
|
type shared_app, domain;
|
|
permissive shared_app;
|
|
app_domain(shared_app)
|
|
platform_app_domain(shared_app)
|
|
# Access the network.
|
|
net_domain(shared_app)
|
|
# Access bluetooth.
|
|
bluetooth_domain(shared_app)
|
|
# ASEC
|
|
r_dir_file(shared_app, asec_apk_file)
|