diff options
author | Nick Kralevich <nnk@google.com> | 2015-01-29 16:49:52 -0800 |
---|---|---|
committer | Nick Kralevich <nnk@google.com> | 2015-01-29 16:57:15 -0800 |
commit | 361cdaff3096fafc16bbe88b84d6f99f7944def7 (patch) | |
tree | 4434474419b66e16654c5e17e891b81483840462 /system_server.te | |
parent | db1320f550723616165d67faffd6197b8415dbf8 (diff) | |
download | android_external_sepolicy-361cdaff3096fafc16bbe88b84d6f99f7944def7.tar.gz android_external_sepolicy-361cdaff3096fafc16bbe88b84d6f99f7944def7.tar.bz2 android_external_sepolicy-361cdaff3096fafc16bbe88b84d6f99f7944def7.zip |
system_server: neverallow dex2oat exec
system_server should never be executing dex2oat. This is either
a bug (for example, bug 16317188), or represents an attempt by
system server to dynamically load a dex file, something we don't
want to allow.
This change adds a compile time assertion which will detect
if an allow rule granting this access is ever added.
No new rules are added or deleted as a result of this change.
This neverallow rule is automatically enforced via CTS.
Bug: 16317188
Change-Id: Id783e05d9f48d48642dbb89d9c78be4aae8af70c
Diffstat (limited to 'system_server.te')
-rw-r--r-- | system_server.te | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/system_server.te b/system_server.te index aaa0657..bfe5b89 100644 --- a/system_server.te +++ b/system_server.te @@ -485,3 +485,9 @@ neverallow system_server sdcard_type:file rw_file_perms; # Types extracted from seapp_contexts type= fields, excluding # those types that system_server needs to open directly. neverallow system_server { bluetooth_data_file nfc_data_file shell_data_file app_data_file }:file open; + +# system_server should never be executing dex2oat. This is either +# a bug (for example, bug 16317188), or represents an attempt by +# system server to dynamically load a dex file, something we do not +# want to allow. +neverallow system_server dex2oat_exec:file no_x_file_perms; |