aboutsummaryrefslogtreecommitdiffstats
path: root/servicemanager.te
diff options
context:
space:
mode:
Diffstat (limited to 'servicemanager.te')
-rw-r--r--servicemanager.te4
1 files changed, 2 insertions, 2 deletions
diff --git a/servicemanager.te b/servicemanager.te
index a928916..9947aa7 100644
--- a/servicemanager.te
+++ b/servicemanager.te
@@ -1,5 +1,5 @@
# servicemanager - the Binder context manager
-type servicemanager, domain;
+type servicemanager, domain, mlstrustedsubject;
type servicemanager_exec, exec_type, file_type;
init_daemon_domain(servicemanager)
@@ -11,7 +11,7 @@ init_daemon_domain(servicemanager)
# created by other domains. It never passes its own references
# or initiates a Binder IPC.
allow servicemanager self:binder set_context_mgr;
-allow servicemanager domain:binder transfer;
+allow servicemanager { domain -init }:binder transfer;
# Check SELinux permissions.
selinux_check_access(servicemanager)
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-23 08:11:38 +0000