90495cc79f
It's better to explicitly disallow access to ot-daemon from other than ot-ctl. Bug: 323502847 Change-Id: Ic46ad4e8f3a1d21bbfc9f4f01e6a692aafcdb815
12 lines
335 B
Text
12 lines
335 B
Text
#
|
|
# ot-ctl is a command line tool for controlling ot-daemon
|
|
#
|
|
|
|
type ot_ctl, domain, coredomain;
|
|
type ot_ctl_exec, exec_type, file_type, system_file_type;
|
|
|
|
# ot-ctl is available in only userdebug or eng build
|
|
userdebug_or_eng(`
|
|
# ot-ctl connects to ot-daemon via the socket
|
|
allow ot_ctl ot_daemon_socket:sock_file rw_file_perms;
|
|
')
|