76aab82cb3
This attribute is being actively removed from policy. Since
attributes are not being versioned, partners must not be able to
access and use this attribute. Move it from private and verify in
the logs that rild and tee are not using these permissions.
Bug: 38316109
Test: build and boot Marlin
Test: Verify that rild and tee are not being granted any of these
permissions.
Change-Id: I31beeb5bdf3885195310b086c1af3432dc6a349b
9 lines
406 B
Text
9 lines
406 B
Text
# Process which creates/updates shared RELRO files to be used by other apps.
|
|
type shared_relro, domain;
|
|
|
|
# Grant write access to the shared relro files/directory.
|
|
allow shared_relro shared_relro_file:dir rw_dir_perms;
|
|
allow shared_relro shared_relro_file:file create_file_perms;
|
|
|
|
# Needs to contact the "webviewupdate" and "activity" services
|
|
allow shared_relro webviewupdate_service:service_manager find;
|