platform_system_sepolicy/public/adbd.te
Changyeon Jo cfeaa1c664 Allow adb start/stop mdnsd via ctl.start/stop
Bug: 128345139
Test: make selinux_policy
Change-Id: I477d6d94c16974f23f703d5f334ef108279ab3bb
Signed-off-by: Changyeon Jo <changyeon@google.com>
2019-04-16 08:39:33 -07:00

11 lines
405 B
Text

# adbd seclabel is specified in init.rc since
# it lives in the rootfs and has no unique file type.
type adbd, domain;
type adbd_exec, exec_type, file_type, system_file_type;
# Only init is allowed to enter the adbd domain via exec()
neverallow { domain -init } adbd:process transition;
neverallow * adbd:process dyntransition;
# Allow adbd start/stop mdnsd via ctl.start
set_prop(adbd, ctl_mdnsd_prop)