d2ffd35cc0
Currently, an app process can freely execute the path at `/data/misc_ce/0/sdksandbox/<package-name>` since it's labeled as a system file. They can't read or write, but can use the 403/404 error to figure out whether an app is installed or not. By changing the selinux label of the parent directory, `/data/misc_ce/0/sdksandbox`, we can restrict app processes from executing inside the directory and avoid the privacy leak. The sandbox process should only have "search" permission on the new label so that it can pass through it to its data directory located in `/data/misc_ce/0/sdksandbox/<package-name>/<per-sdk-dir>`.

Bug: 214241165
Test: atest SdkSandboxStorageHostTest
Test: `adb shell cd /data/misc_ce/0/sdksandbox` gives error
Test: manual test to verify webview still works
Change-Id: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
Merged-In: Id8771b322d4eb5532eaf719f203ca94035e2a8ed
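The relabeling described in the message, written out as an added sepolicy sketch that is not this commit's own diff; the type and domain names (`sdk_sandbox_system_data_file`, `sdk_sandbox`, `untrusted_app`) and the `file_contexts` lines are assumptions about AOSP naming, not text taken from this change.

```sepolicy
# Added illustration, not the commit's policy text. Type/domain names below are
# assumed AOSP-style names, not identifiers confirmed by this change.

# file_contexts, before: the parent directory carries the generic data label,
# which every app domain may search. A lookup of
# /data/misc_ce/0/sdksandbox/<pkg> therefore fails with a different error
# depending on whether <pkg> exists, which is the installed-app leak.
#   /data/misc_ce/[0-9]+/sdksandbox    u:object_r:system_data_file:s0

# file_contexts, after: give only the parent directory its own type. Children
# (per-package and per-SDK directories) keep their existing labels.
/data/misc_ce/[0-9]+/sdksandbox    u:object_r:sdk_sandbox_system_data_file:s0

# file.te: declare the new type with the usual data-file attributes.
type sdk_sandbox_system_data_file, file_type, data_file_type, core_data_file_type;

# sdk_sandbox.te: "search" only. That is all a path walk needs to reach
# /data/misc_ce/0/sdksandbox/<package-name>/<per-sdk-dir>; no read, write,
# add_name or remove_name is granted on the parent itself.
allow sdk_sandbox sdk_sandbox_system_data_file:dir search;

# No rule grants untrusted_app (or any other app domain) dir permissions on the
# new type, so an app's traversal is denied at the parent regardless of whether
# <package-name> exists below it, and the 403/404 distinction disappears.
# Expected check, matching the commit's manual test:
#   adb shell cd /data/misc_ce/0/sdksandbox   -> permission denied
```

A quick way to confirm the mitigation after building is to run the probe from an app-domain shell and check that the denial is identical for installed and absent package names.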