platform_system_sepolicy/public/priv_app.te
Alex Klyubin 92295ef8bd Move priv_app policy to private
This leaves the existence of priv_app domain as public API. All other
rules are implementation details of this domain's policy and are thus
now private.

Test: No change to policy according to sesearch, except for
      disappearance of all allow rules from priv_app_current
      attribute (as expected) except for
      allow priv_app_current update_engine_current:binder transfer;
      which is caused by public update_engine.te rules and will go
      away once update_engine rules go private.
Bug: 31364497

Change-Id: Iea583127fbf0a19c37dd42bf1ef2ae0454793391
2017-01-05 15:44:32 -08:00

5 lines
85 B
Text

###
### A domain for further sandboxing privileged apps.
###
type priv_app, domain;