aboutsummaryrefslogtreecommitdiffstats
path: root/untrusted_app.te
Commit message (Expand)AuthorAgeFilesLines
* Further restrict socket ioctls available to appsJeff Vander Stoep2016-05-271-1/+1
* Merge "untrusted_apps: Allow untrusted apps to find healthd_service." into mn...Nick Kralevich2015-10-191-0/+1
|\
| * untrusted_apps: Allow untrusted apps to find healthd_service.Ruchi Kandoi2015-10-191-0/+1
* | Allow untrusted_app to list services.dcashman2015-09-101-0/+3
|/
* restrict app access to socket ioctlsJeff Vander Stoep2015-06-051-11/+2
* Allow MediaProvider to traverse /mnt/media_rw.Jeff Sharkey2015-05-191-0/+4
* Merge "Allow tty and wireless extensions ioctls" into mnc-devJeff Vander Stoep2015-05-151-1/+2
|\
| * Allow tty and wireless extensions ioctlsJeff Vander Stoep2015-05-151-1/+2
* | dontaudit untrusted_app exec_type:file getattrNick Kralevich2015-05-131-0/+5
|/
* Update sepolicy to add label for /data/misc/perfprofd.Dehao Chen2015-05-061-0/+7
* Deny untrusted app ioctl access to MAC addrJeff Vander Stoep2015-05-051-0/+11
* Expand access to gatekeeperd.Alex Klyubin2015-04-291-4/+0
* gatekeeperd: use more specific label for /data fileNick Kralevich2015-04-171-0/+4
* Enforce more specific service access.dcashman2015-04-091-22/+0
* Enforce more specific service access.dcashman2015-04-081-6/+3
* Enforce more specific service access.dcashman2015-04-071-11/+0
* Enforce more specific service access.dcashman2015-04-071-7/+0
* Enforce more specific service access.dcashman2015-04-071-7/+0
* Assign app_api_service attribute to services.dcashman2015-04-061-6/+0
* Assign app_api_service attribute to services.dcashman2015-04-031-4/+0
* Add system_api_service and app_api_service attributes.dcashman2015-04-031-1/+4
* Record observed service accesses.dcashman2015-04-011-0/+7
* Add graphicsstats serviceJohn Reck2015-03-271-0/+1
* Don't grant hard link capabilities by default.Nick Kralevich2015-03-271-0/+8
* neverallow untrusted_app as a mlstrustedsubject.Stephen Smalley2015-03-131-0/+10
* Move allow rules before neverallow rules.Stephen Smalley2015-03-131-4/+4
* Record observed bluetooth service access.dcashman2015-03-061-0/+1
* allow untrusted_app read /data/anr/traces.txtNick Kralevich2015-03-051-0/+8
* move untrusted_app statement to the correct file.Nick Kralevich2015-03-051-0/+5
* Record observed system_server servicemanager service requests.dcashman2015-03-031-0/+14
* Allow platform_app access to keystore.dcashman2015-03-021-1/+0
* appdomain: relax netlink_socket neverallow ruleNick Kralevich2015-01-281-1/+4
* Record service accesses.dcashman2015-01-161-37/+2
* Remove known system_server service accesses from auditing.dcashman2015-01-151-25/+41
* Make system_server_service an attribute.dcashman2015-01-141-0/+59
* Restrict service_manager find and list access.dcashman2014-12-151-12/+7
* sepolicy: allow system apps to access ASECPawit Pornkitprasan2014-12-121-1/+0
* fix whitespaceNick Kralevich2014-10-141-1/+1
* relax neverallow rules on NETLINK_KOBJECT_UEVENT socketsNick Kralevich2014-09-211-0/+3
* Allow untrusted_app access to temporary apk files.dcashman2014-08-061-0/+4
* Further refined service_manager auditallow statements.Riley Spahn2014-07-181-0/+1
* Remove radio_service from untrusted_app auditallow.Riley Spahn2014-07-151-0/+1
* Add access control for each service_manager action.Riley Spahn2014-07-141-0/+11
* Don't use don'tNick Kralevich2014-07-091-1/+1
* ensure that untrusted_app can't set propertiesNick Kralevich2014-07-091-0/+6
* Add neverallow rules further restricing service_manager.Riley Spahn2014-07-071-0/+5
* add execmod to various app domainsNick Kralevich2014-06-021-2/+2
* untrusted_app: neverallow debugfsNick Kralevich2014-05-131-0/+8
* Make the untrusted_app domain enforcing.Stephen Smalley2014-05-011-1/+0
* Coalesce shared_app, media_app, release_app into untrusted_app.Stephen Smalley2014-04-041-1/+17
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 04:23:32 +0000