diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-02-10 16:31:04 -0500 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2014-02-12 11:14:16 -0500 |
| commit | 5487ca00d4788de367a9d099714f6df4d86ef261 (patch) | |
| tree | df70addd5d6e49779734f0562823d0fc6920bbd1 /recovery.te | |
| parent | 3db328fd2c7d6b396a4a2f6204841a26d7783939 (diff) | |
| download | android_external_sepolicy-5487ca00d4788de367a9d099714f6df4d86ef261.tar.gz android_external_sepolicy-5487ca00d4788de367a9d099714f6df4d86ef261.tar.bz2 android_external_sepolicy-5487ca00d4788de367a9d099714f6df4d86ef261.zip | |
Remove several superuser capabilities from unconfined domains.
Remove sys_ptrace and add a neverallow for it.
Remove sys_rawio and mknod, explicitly allow to kernel, init, and recovery,
and add a neverallow for them.
Remove sys_module. It can be added back where appropriate in device
policy if using a modular kernel. No neverallow since it is device
specific.
Change-Id: I1a7971db8d247fd53a8f9392de9e46250e91f89b
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'recovery.te')
| -rw-r--r-- | recovery.te | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/recovery.te b/recovery.te index 37d6455..ea444c4 100644 --- a/recovery.te +++ b/recovery.te @@ -13,3 +13,7 @@ allow recovery fs_type:filesystem *; allow recovery self:process execmem; allow recovery ashmem_device:chr_file execute; allow recovery tmpfs:file rx_file_perms; + +## TODO: Investigate whether it is safe to remove these +allow recovery self:capability { sys_rawio mknod }; +auditallow recovery self:capability { sys_rawio mknod }; |