diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-05-12 11:18:21 -0400 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2014-05-12 11:31:09 -0400 |
| commit | baf49bd541a9df4f38bf917fbfc850569a4cae94 (patch) | |
| tree | d54fc49bf0f11e938ad3dd5dcc61b7e82268c975 /file.te | |
| parent | 41e14c7f9da5bdf07e2ac7a323c0fddab8a090a0 (diff) | |
| download | android_external_sepolicy-baf49bd541a9df4f38bf917fbfc850569a4cae94.tar.gz android_external_sepolicy-baf49bd541a9df4f38bf917fbfc850569a4cae94.tar.bz2 android_external_sepolicy-baf49bd541a9df4f38bf917fbfc850569a4cae94.zip | |
Label /data/.layout_version with its own type.
installd creates /data/.layout_version. Introduce a separate type
for this file (and any other file created by installd under a directory
labeled system_data_file) so that we can allow create/write access by
installd without allowing it to any system data files created by other
processes. This prevents installd from overwriting other system data
files, and ensure that any files it creates will require explicit
rules in order to access.
Change-Id: Id04e49cd571390d18792949c8b2b13b1ac59c016
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'file.te')
| -rw-r--r-- | file.te | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -41,6 +41,9 @@ type unlabeled, file_type; type system_file, file_type; # Default type for anything under /data. type system_data_file, file_type, data_file_type; +# /data/.layout_version or other installd-created files that +# are created in a system_data_file directory. +type install_data_file, file_type, data_file_type; # /data/drm - DRM plugin data type drm_data_file, file_type, data_file_type; # /data/anr - ANR traces |