tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/private/untrusted_app_27.te
Alan Stokes c6cbeadb21 Un-revert "Audit execution of app_data_file native code." 
This was originally implemented in commit
890414725f and reverted in commit
fa3eb773ce. This effectively reverts the
revert, with minimal changes to cope with the subsequent reversion of
commit b362474374.

Auditing is only enabled for apps targeting API <= 28.

Test: Compiles, audit messages are seen.
Bug: 121333210
Bug: 111338677
Change-Id: Ie38498a2b61f4b567902117f9ef293faa0e689dd
2019-01-07 14:08:11 +00:00

38 lines
1.7 KiB
Text
Raw Blame History

###
### Untrusted_27.
###
### This file defines the rules for untrusted apps running with
### 25 < targetSdkVersion <= 28.
###
### This file defines the rules for untrusted apps.
### Apps are labeled based on mac_permissions.xml (maps signer and
### optionally package name to seinfo value) and seapp_contexts (maps UID
### and optionally seinfo value to domain for process and type for data
### directory). The untrusted_app_27 domain is the default assignment in
### seapp_contexts for any app with UID between APP_AID (10000)
### and AID_ISOLATED_START (99000) if the app has no specific seinfo
### value as determined from mac_permissions.xml. In current AOSP, this
### domain is assigned to all non-system apps as well as to any system apps
### that are not signed by the platform key. To move
### a system app into a specific domain, add a signer entry for it to
### mac_permissions.xml and assign it one of the pre-existing seinfo values
### or define and use a new seinfo value in both mac_permissions.xml and
### seapp_contexts.
###
typeattribute untrusted_app_27 coredomain;
app_domain(untrusted_app_27)
untrusted_app_domain(untrusted_app_27)
net_domain(untrusted_app_27)
bluetooth_domain(untrusted_app_27)
# The ability to call exec() on files in the apps home directories
# for targetApi 26, 27, and 28.
allow untrusted_app_27 app_data_file:file execute_no_trans;
userdebug_or_eng(`auditallow untrusted_app_27 app_data_file:file { execute execute_no_trans };')
# The ability to invoke dex2oat. Historically required by ART, now only
# allowed for targetApi<=28 for compat reasons.
allow untrusted_app_27 dex2oat_exec:file rx_file_perms;
userdebug_or_eng(`auditallow untrusted_app_27 dex2oat_exec:file rx_file_perms;')
Reference in a new issue View git blame Copy permalink