diff options
| author | Shruthi Krishna <skrish@codeaurora.org> | 2014-07-25 16:21:53 -0700 |
|---|---|---|
| committer | Shruthi Krishna <skrish@codeaurora.org> | 2014-08-04 13:01:15 -0700 |
| commit | f1b38f78a7349cbf1b0bc62b6316d2dab03f1777 (patch) | |
| tree | fb64715d04c51637fd2f5dfe56249a6bb75457d2 /test | |
| parent | 788d88a0f4762e908a3767cd0ac43530ab2b9cde (diff) | |
| download | android_device_qcom_sepolicy-f1b38f78a7349cbf1b0bc62b6316d2dab03f1777.tar.gz android_device_qcom_sepolicy-f1b38f78a7349cbf1b0bc62b6316d2dab03f1777.tar.bz2 android_device_qcom_sepolicy-f1b38f78a7349cbf1b0bc62b6316d2dab03f1777.zip | |
Revoke permission of daemons from su domain
Do not allow transition from su domain
Change-Id: I999cd25f5cc9c7aa1d4b24667456138825bf16ea
Diffstat (limited to 'test')
| -rw-r--r-- | test/diag_test.te | 1 | ||||
| -rw-r--r-- | test/qmi_ping.te | 1 | ||||
| -rw-r--r-- | test/qmi_test_service.te | 1 | ||||
| -rw-r--r-- | test/sensors_test.te | 1 | ||||
| -rw-r--r-- | test/smd_test.te | 1 |
5 files changed, 0 insertions, 5 deletions
diff --git a/test/diag_test.te b/test/diag_test.te index de6ee463..3ed38159 100644 --- a/test/diag_test.te +++ b/test/diag_test.te @@ -2,7 +2,6 @@ type diagdciclient_exec, exec_type, file_type; userdebug_or_eng(` type diag_test, domain; domain_auto_trans(shell, diagdciclient_exec, diag_test) - domain_auto_trans(su, diagdciclient_exec, diag_test) domain_auto_trans(adbd, diagdciclient_exec, diag_test) allow diag_test devpts:chr_file getattr; allow diag_test self:capability dac_override; diff --git a/test/qmi_ping.te b/test/qmi_ping.te index 20869b27..d2ec5988 100644 --- a/test/qmi_ping.te +++ b/test/qmi_ping.te @@ -4,7 +4,6 @@ type qmi_ping_exec, exec_type, file_type; userdebug_or_eng(` type qmi_ping, domain; domain_auto_trans(shell, qmi_ping_exec, qmi_ping) - domain_auto_trans(su, qmi_ping_exec, qmi_ping) domain_auto_trans(adbd, qmi_ping_exec, qmi_ping) #test launched from pseudo terminal, so output goes there allow qmi_ping devpts:chr_file {read write ioctl getattr}; diff --git a/test/qmi_test_service.te b/test/qmi_test_service.te index 008ba28e..03650fb1 100644 --- a/test/qmi_test_service.te +++ b/test/qmi_test_service.te @@ -4,7 +4,6 @@ type qmi_test_service_exec, exec_type, file_type; userdebug_or_eng(` type qmi_test_service, domain; domain_auto_trans(shell, qmi_test_service_exec, qmi_test_service) - domain_auto_trans(su, qmi_test_service_exec, qmi_test_service) domain_auto_trans(adbd, qmi_test_service_exec, qmi_test_service) #test is launched from pseudo terminal so output goes there allow qmi_test_service devpts:chr_file {read write getattr ioctl}; diff --git a/test/sensors_test.te b/test/sensors_test.te index a1d110e1..591ba5e3 100644 --- a/test/sensors_test.te +++ b/test/sensors_test.te @@ -5,7 +5,6 @@ userdebug_or_eng(` type sensors_test, domain; domain_auto_trans(shell, sensors_test_exec, sensors_test) - domain_auto_trans(su, sensors_test_exec, sensors_test) domain_auto_trans(adbd, sensors_test_exec, sensors_test) allow sensors_test devpts:chr_file { open read write ioctl getattr }; diff --git a/test/smd_test.te b/test/smd_test.te index 2ad4a96c..b5b2df12 100644 --- a/test/smd_test.te +++ b/test/smd_test.te @@ -4,7 +4,6 @@ type smd_test_exec, exec_type, file_type; userdebug_or_eng(` type smd_test, domain; domain_auto_trans(shell, smd_test_exec, smd_test) - domain_auto_trans(su, smd_test_exec, smd_test) domain_auto_trans(adbd, smd_test_exec, smd_test) #SMD device node and test file contexts allow smd_test smd_device:chr_file {ioctl read write open getattr append}; |