dc88dca115
The original concept was to allow separation between /data/data/<pkgdir> files of "platform" apps (signed by one of the four build keys) and untrusted apps. But we had to allow read/write to support passing of open files via Binder or local socket for compatibilty, and it seems that direct open by pathname is in fact used in Android as well, only passing the pathname via Binder or local socket. So there is no real benefit to keeping it as a separate type. Retain a type alias for platform_app_data_file to app_data_file until restorecon /data/data support is in place to provide compatibility. Change-Id: Ic15066f48765322ad40500b2ba2801bb3ced5489 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
16 lines
745 B
Text
16 lines
745 B
Text
#
|
|
# Rules for all platform app domains.
|
|
# These rules are inherited by any domain that includes platform_app_domain().
|
|
# Presently this consists of the four app domains corresponding to apps
|
|
# signed by one of the four build keys: platform_app, shared_app, media_app,
|
|
# release_app. These app domains have greater permissions to specific
|
|
# directories owned by groups that are restricted to apps with
|
|
# Android permissions that are signature|system.
|
|
|
|
# Access to /data/media.
|
|
allow platformappdomain media_rw_data_file:dir create_dir_perms;
|
|
allow platformappdomain media_rw_data_file:file create_file_perms;
|
|
|
|
# Write to /cache.
|
|
allow platformappdomain cache_file:dir create_dir_perms;
|
|
allow platformappdomain cache_file:file create_file_perms;
|