b362474374
Remove the ability for applications to dlopen() executable code from their home directory for newer API versions. API versions <= 28 are uneffected by this change. Bug: 112357170 Test: cts-tradefed run cts -m CtsRenderscriptTestCases Change-Id: I1d7f3a1015d54b8610d1c561f38a1a3c2bcf79e4
12 lines
361 B
Text
12 lines
361 B
Text
type runas_app, domain;
|
|
typeattribute runas_app coredomain;
|
|
|
|
app_domain(runas_app)
|
|
untrusted_app_domain(runas_app)
|
|
net_domain(runas_app)
|
|
bluetooth_domain(runas_app)
|
|
|
|
# The ability to call exec() or dlopen() on app /data/data
|
|
# files when using run-as on a debuggable app.
|
|
# Needed by simpleperf.
|
|
allow runas_app app_data_file:file { execute_no_trans execute };
|