77d4731e9d
This prevents denials from being generated by the base policy. Over time, these rules will be incrementally tightened to improve security. Change-Id: I4be1c987a5d69ac784a56d42fc2c9063c402de11
5 lines
182 B
Text
5 lines
182 B
Text
# Restricted domain for shell processes spawned by init
|
|
type init_shell, domain;
|
|
permissive init_shell;
|
|
domain_auto_trans(init, shell_exec, init_shell)
|
|
unconfined_domain(init_shell)
|