aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNick Kralevich <nnk@google.com>2013-12-16 15:10:38 +0000
committerGerrit Code Review <noreply-gerritcodereview@google.com>2013-12-16 15:10:38 +0000
commit96c266c3901eeab0476c6d08459d5748ff28889d (patch)
treef8d1cb8b64e206b5dfc56b31af4cbd646950d273
parent8b0ce1b189e1fde8f3b16a6758369bfbe690ead8 (diff)
parentbc19050cdd0178bc43faa588acc1875ae5c0af2c (diff)
downloadandroid_external_sepolicy-96c266c3901eeab0476c6d08459d5748ff28889d.tar.gz
android_external_sepolicy-96c266c3901eeab0476c6d08459d5748ff28889d.tar.bz2
android_external_sepolicy-96c266c3901eeab0476c6d08459d5748ff28889d.zip
Merge "put netd into net_domain"
Diffstat
-rw-r--r--netd.te6
1 files changed, 2 insertions, 4 deletions
diff --git a/netd.te b/netd.te
index 938fc68..72784da 100644
--- a/netd.te
+++ b/netd.te
@@ -3,15 +3,13 @@ type netd, domain;
type netd_exec, exec_type, file_type;
init_daemon_domain(netd)
+net_domain(netd)
+
allow netd self:capability { net_admin net_raw kill fsetid };
allow netd self:netlink_kobject_uevent_socket *;
allow netd self:netlink_route_socket *;
allow netd self:netlink_nflog_socket *;
allow netd self:rawip_socket *;
-allow netd self:{ tcp_socket udp_socket } *;
-allow netd node:{ tcp_socket udp_socket } node_bind;
-allow netd port:{ tcp_socket udp_socket } name_bind;
-allow netd port:tcp_socket name_connect;
allow netd self:unix_stream_socket *;
allow netd shell_exec:file rx_file_perms;
allow netd system_file:file x_file_perms;
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-24 14:34:13 +0000