9c2a5cf0c9
no writing to system_file_type is the intention here, but they only restricted system_file. this does not touch the untrusted_app lock neverallow, because it's specific to a single system_file, and r_file_perms includes 'lock'. Bug: 281877578 Test: build (neverallow only change) Change-Id: I6c6078bc27c49e5a88862eaa330638f442dba9ee
24 lines
799 B
Text
24 lines
799 B
Text
# android recovery refresh log manager
|
|
type recovery_refresh, domain;
|
|
type recovery_refresh_exec, system_file_type, exec_type, file_type;
|
|
|
|
allow recovery_refresh pstorefs:dir search;
|
|
allow recovery_refresh pstorefs:file r_file_perms;
|
|
# NB: domain inherits write_logd which hands us write to pmsg_device
|
|
|
|
###
|
|
### Neverallow rules
|
|
###
|
|
### recovery_refresh should NEVER do any of this
|
|
|
|
# Block device access.
|
|
neverallow recovery_refresh dev_type:blk_file { read write };
|
|
|
|
# ptrace any other app
|
|
neverallow recovery_refresh domain:process ptrace;
|
|
|
|
# Write to /system.
|
|
neverallow recovery_refresh system_file_type:dir_file_class_set write;
|
|
|
|
# Write to files in /data/data or system files on /data
|
|
neverallow recovery_refresh { app_data_file privapp_data_file system_data_file }:dir_file_class_set write;
|