diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2014-03-13 08:41:40 -0400 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2014-03-13 13:36:51 +0000 |
commit | 64c0ff007934495105c95954452f4cc1dcada4b3 (patch) | |
tree | 83082f8fb9e854702392e96f87efc66b0621fc7d /rild.te | |
parent | 599e71a9ba8428604145e50b0acbcec1594c414d (diff) | |
download | android_external_sepolicy-64c0ff007934495105c95954452f4cc1dcada4b3.tar.gz android_external_sepolicy-64c0ff007934495105c95954452f4cc1dcada4b3.tar.bz2 android_external_sepolicy-64c0ff007934495105c95954452f4cc1dcada4b3.zip |
Audit attempts by rild to create/write to system_data_file.
Audit attempts by rild to create/write to system_data_file
with avc: granted messages so that we can identify any such
instances and put such directories/files into radio_data_file or
some other type and then remove these rules.
Change-Id: Ice20fed1733a3f4208d541a4baaa8b6c6f44fbb0
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Diffstat (limited to 'rild.te')
-rw-r--r-- | rild.te | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -23,6 +23,8 @@ allow rild radio_data_file:file create_file_perms; allow rild sdcard_type:dir r_dir_perms; allow rild system_data_file:dir create_dir_perms; allow rild system_data_file:file create_file_perms; +auditallow rild system_data_file:dir { create reparent rmdir setattr write add_name remove_name }; +auditallow rild system_data_file:file { create setattr write append link unlink rename }; allow rild system_file:file x_file_perms; dontaudit rild self:capability sys_admin; |