diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2013-09-27 10:38:14 -0400 |
---|---|---|
committer | Steve Kondik <shade@chemlab.org> | 2014-04-05 13:25:11 -0700 |
commit | c4b09027aa239298379d9a6bd7f99ffae872459b (patch) | |
tree | ad04dee58a56e43ca056cbabc86be8991f6eb892 | |
parent | a0956744ed3cca8b6e115f1b721259ae658ecd54 (diff) | |
download | android_external_sepolicy-c4b09027aa239298379d9a6bd7f99ffae872459b.tar.gz android_external_sepolicy-c4b09027aa239298379d9a6bd7f99ffae872459b.tar.bz2 android_external_sepolicy-c4b09027aa239298379d9a6bd7f99ffae872459b.zip |
Make sure exec_type is assigned to all entrypoint types.
Some file types used as domain entrypoints were missing the
exec_type attribute. Add it and add a neverallow rule to
keep it that way.
Change-Id: I7563f3e03940a27ae40ed4d6bb74181c26148849
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
-rw-r--r-- | ping.te | 2 | ||||
-rw-r--r-- | runas.te | 2 | ||||
-rw-r--r-- | shell.te | 2 | ||||
-rw-r--r-- | su.te | 2 | ||||
-rw-r--r-- | su_user.te | 2 |
5 files changed, 5 insertions, 5 deletions
@@ -1,5 +1,5 @@ type ping, domain; permissive ping; -type ping_exec, file_type; +type ping_exec, exec_type, file_type; domain_auto_trans(shell, ping_exec, ping) unconfined_domain(ping) @@ -1,5 +1,5 @@ type runas, domain; -type runas_exec, file_type; +type runas_exec, exec_type, file_type; permissive runas; unconfined_domain(runas) @@ -1,6 +1,6 @@ # Domain for shell processes spawned by ADB type shell, domain; -type shell_exec, file_type; +type shell_exec, exec_type, file_type; unconfined_domain(shell) # Run app_process. @@ -1,6 +1,6 @@ type su, domain; permissive su; -type su_exec, file_type; +type su_exec, exec_type, file_type; domain_auto_trans(shell, su_exec, su) # su is unconfined. @@ -1,4 +1,4 @@ # File types must be defined for file_contexts. -type su_exec, file_type; +type su_exec, exec_type, file_type; # No allow rules |