aboutsummaryrefslogtreecommitdiffstats
path: root/app.te
Commit message (Expand)AuthorAgeFilesLines
* appdomain: relax netlink_socket neverallow ruleNick Kralevich2015-01-291-3/+2
* Revert "isolated_app: Do not allow access to the gpu_device."Nick Kralevich2015-01-161-1/+1
* am 6f201ddc: App: add permissions to read symlinks from dalvik cache.Jeff Hao2014-11-121-0/+1
|\
| * App: add permissions to read symlinks from dalvik cache.Jeff Hao2014-11-121-0/+1
* | am 480374e4: Fix compile time / CTS gps_data_files neverallow assertionNick Kralevich2014-10-171-1/+2
|\|
| * Fix compile time / CTS gps_data_files neverallow assertionNick Kralevich2014-10-161-1/+2
* | am 51bfecf4: Pull keychain-data policy out of system-dataRobin Lee2014-10-151-0/+6
|\|
| * Pull keychain-data policy out of system-dataRobin Lee2014-10-151-0/+6
* | am 49fd9567: Merge "Allow NFC to read/write nfc. system properties." into lmp...Martijn Coenen2014-09-261-2/+2
|\|
| * Merge "Allow NFC to read/write nfc. system properties." into lmp-devMartijn Coenen2014-09-261-2/+2
| |\
| | * Allow NFC to read/write nfc. system properties.Martijn Coenen2014-09-251-2/+2
* | | am 62083414: allow apps to read the contents of mounted OBBsNick Kralevich2014-09-251-0/+4
|\| |
| * | allow apps to read the contents of mounted OBBsNick Kralevich2014-09-241-0/+4
* | | isolated_app: Do not allow access to the gpu_device.Robert Sesek2014-09-231-1/+1
|/ /
* | relax appdomain efs_file neverallow rules [DO NOT MERGE]Nick Kralevich2014-09-231-2/+2
* | relax neverallow rules on NETLINK_KOBJECT_UEVENT socketsNick Kralevich2014-09-221-1/+5
|/
* Enable selinux read_policy for adb pull.dcashman2014-09-091-2/+0
* logd: permit app access to clear logsMark Salyzyn2014-09-011-0/+1
* Merge "Add permissive domains check to sepolicy-analyze." into lmp-devdcashman2014-08-271-0/+2
|\
| * Add permissive domains check to sepolicy-analyze.dcashman2014-08-271-0/+2
* | Allow appdomain read perms on apk_data_files.dcashman2014-08-271-0/+1
|/
* Fix neverallow rules to eliminate CTS SELinuxTest warnings.Stephen Smalley2014-07-301-1/+1
* reconcile aosp (c103da877b72aae80616dbc192982aaf75dfe888) after branching. Pl...Ed Heyl2014-07-141-0/+3
* reconcile aosp (4da3bb1481e4e894a7dee3f3b9ec8cef6f6b1aed) after branching. Pl...Ed Heyl2014-07-141-2/+2
* Remove -unconfineddomain from neverallow rulesNick Kralevich2014-07-041-41/+41
* Grant Bluetooth CAP_WAKE_ALARM so it can use the POSIX timer API for wake ala...Sharvil Nanavati2014-07-011-2/+2
* Remove auditallow statements causing log spam.Riley Spahn2014-07-011-1/+0
* Adding policies for KeyStore MAC.Riley Spahn2014-06-261-0/+5
* Only allow app domains to access SDcard via fuse mount.Stephen Smalley2014-06-201-3/+3
* Fix SELinux policies to allow resource overlays.Nick Kralevich2014-06-161-0/+4
* Remove world-read access to /data/dalvik-cache/profilesNick Kralevich2014-06-121-1/+2
* Refactor the shell domains.Stephen Smalley2014-06-111-1/+1
* Merge adf_device into graphics_deviceNick Kralevich2014-06-031-4/+1
* Adjust rules around /data/app entitiesChristopher Tate2014-06-031-0/+3
* add execmod to various app domainsNick Kralevich2014-06-021-1/+1
* Restrict /data/security and setprop selinux.reload_policy access.Stephen Smalley2014-05-301-3/+0
* remove syslog_* from unconfinedNick Kralevich2014-05-281-2/+2
* allow shell dmesgNick Kralevich2014-05-281-1/+3
* Define SELinux policy for RELRO sharing support.Torne (Richard Coles)2014-05-271-0/+4
* Fix use of valgrind via app wrappingNick Kralevich2014-05-221-1/+2
* Remove duplicate neverallow rule.dcashman2014-05-141-4/+0
* Drop appdomain unlabeled file execute.Stephen Smalley2014-05-081-5/+0
* Add policies for Atomic Display FrameworkGreg Hackmann2014-05-071-2/+4
* Label app data directories for system UID apps with a different type.Stephen Smalley2014-05-071-0/+5
* allow untrusted_app to write to MMS filesNick Kralevich2014-05-051-2/+2
* Define types for an OEM-provided filesystem.Jeff Sharkey2014-04-251-0/+4
* Audit accesses on unlabeled files.Stephen Smalley2014-04-181-0/+1
* Define a type for /data/dalvik-cache/profiles.Stephen Smalley2014-04-091-0/+3
* Coalesce shared_app, media_app, release_app into untrusted_app.Stephen Smalley2014-04-041-0/+1
* Allow reading of radio data files passed over binder.Stephen Smalley2014-03-271-0/+3
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 04:08:52 +0000