platform_system_sepolicy/adbd.te
Alex Klyubin 3b9fd5ffcd SELinux policy: let adbd drop Linux capabilities.
Change-Id: Id41891b89c7b067919cbda06ab97d5eff2ad044f
2013-05-10 00:30:23 +00:00

41 lines
1.7 KiB
Text

# adbd seclabel is specified in init.rc since
# it lives in the rootfs and has no unique file type.
type adbd, domain, mlstrustedsubject;
allow adbd adb_device:chr_file rw_file_perms;
allow adbd qemu_device:chr_file rw_file_perms;
allow adbd self:capability { net_raw setgid setuid setpcap dac_override sys_boot sys_admin };
allow adbd rootfs:file { r_file_perms entrypoint };
allow adbd init:process sigchld;
allow adbd self:tcp_socket *;
allow adbd self:unix_stream_socket *;
allow adbd node:tcp_socket node_bind;
allow adbd port:tcp_socket name_bind;
allow adbd devpts:chr_file rw_file_perms;
allow adbd cgroup:dir { write add_name create };
allow adbd labeledfs:filesystem remount;
allow adbd shell_data_file:dir rw_dir_perms;
allow adbd shell_data_file:file create_file_perms;
allow adbd sdcard_type:dir create_dir_perms;
allow adbd sdcard_type:file create_file_perms;
allow adbd graphics_device:dir search;
allow adbd graphics_device:chr_file r_file_perms;
# XXX Run /system/bin/vdc to connect to vold. Run in a separate domain?
allow adbd system_file:file rx_file_perms;
unix_socket_connect(adbd, vold, vold)
# Talk to init via the property socket.
unix_socket_connect(adbd, property, init)
# Run sh in its own domain.
domain_auto_trans(adbd, shell_exec, shell)
# Do not sanitize the environment of the shell.
allow adbd shell:process noatsecure;
# XXX Mostly to access system properties and keys- maybe those should be their own type?
allow adbd system_data_file:file create_file_perms;
allow adbd system_data_file:dir create_dir_perms;
# Perform binder IPC to surfaceflinger (screencap)
# XXX Run screencap in a separate domain?
binder_use(adbd)
binder_call(adbd, surfaceflinger)