aboutsummaryrefslogtreecommitdiffstats
path: root/init.te
Commit message (Expand)AuthorAgeFilesLines
* init.te: Don't allow mounting on top of /procNick Kralevich2015-04-251-2/+0
* Revert "Revert "SELinux policy changes for re-execing init.""Elliott Hughes2015-04-241-6/+23
* Revert "SELinux policy changes for re-execing init."Nick Kralevich2015-04-241-23/+6
* SELinux policy changes for re-execing init.Elliott Hughes2015-04-231-6/+23
* Directory for vold to store private data.Jeff Sharkey2015-04-011-4/+9
* Adding e4crypt supportPaul Lawrence2015-03-271-0/+12
* Allow init to set up dm-veritySami Tolvanen2015-03-051-0/+12
* init: drop read_policy permissionNick Kralevich2015-02-281-3/+0
* init: remove permissive_or_unconfined()Stephen Smalley2015-02-271-1/+0
* allow init tmpfs:dir relabelfromNick Kralevich2015-02-271-0/+3
* Allow init to execute /sbin/slideshowSami Tolvanen2015-02-261-0/+1
* Revert /proc/net related changesNick Kralevich2015-02-251-2/+1
* bootchart: add policy rules for bootchartYongqin Liu2015-02-241-1/+6
* allow init fs_type:dir searchNick Kralevich2015-02-081-1/+2
* No one needs LD_PRELOAD from init any more.Elliott Hughes2015-02-061-6/+0
* remove /proc/net read access from domain.teNick Kralevich2015-01-141-1/+2
* init.te: remove unactionable auditallow statementsNick Kralevich2015-01-051-2/+0
* init: allow rootfs symlink removalNick Kralevich2014-12-231-2/+2
* Allow init to chown/chmod character devices.Stephen Smalley2014-11-101-1/+1
* Allow init to restorecon /data directories on upgrades.Stephen Smalley2014-10-301-1/+1
* Switch kernel and init to permissive_or_unconfined().Stephen Smalley2014-10-291-7/+107
* Remove -unconfineddomain from neverallow rules.Stephen Smalley2014-10-211-0/+18
* allow init swapon()Nick Kralevich2014-10-201-0/+4
* Do not allow init to execute anything without changing domains.Stephen Smalley2014-09-281-8/+5
* Prohibit reading of untrusted symlinks via neverallow.Stephen Smalley2014-09-021-0/+4
* Allow init to restorecon sysfs files.Stephen Smalley2014-07-171-0/+1
* lmkd: avoid locking libsigchain into memoryNick Kralevich2014-07-171-2/+2
* Remove domain:process from unconfinedNick Kralevich2014-07-101-6/+21
* Align SELinux property policy with init property_perms.Stephen Smalley2014-06-231-0/+3
* unconfined: remove internet accessNick Kralevich2014-06-231-0/+3
* Allow init to relabel rootfs files.Stephen Smalley2014-06-231-0/+3
* Remove execute_no_trans from unconfineddomain.Stephen Smalley2014-06-191-0/+6
* Prevent adding transitions to kernel or init domains.Stephen Smalley2014-06-181-0/+10
* Restrict use of context= mount options.Stephen Smalley2014-06-161-2/+11
* remove shell_data_file from unconfined.Nick Kralevich2014-06-071-0/+4
* Restrict /data/security and setprop selinux.reload_policy access.Stephen Smalley2014-05-301-0/+7
* Explictly allow init and kernel unlabeled access.Stephen Smalley2014-05-301-0/+4
* Clean up kernel, init, and recovery domains.Stephen Smalley2014-05-291-3/+16
* Remove /system write from unconfinedNick Kralevich2014-05-291-1/+2
* Protect /data/property.Stephen Smalley2014-05-291-0/+4
* remove syslog_* from unconfinedNick Kralevich2014-05-281-0/+1
* Restrict requesting contexts other than policy-defined defaults.Stephen Smalley2014-05-231-0/+6
* Drop relabelto_domain() macro and its associated definitions.Stephen Smalley2014-05-091-1/+0
* Protect keystore's files.Nick Kralevich2014-05-091-0/+5
* Remove block device access from unconfined domains.Stephen Smalley2014-02-121-0/+1
* Remove several superuser capabilities from unconfined domains.Stephen Smalley2014-02-121-0/+2
* Remove mount-related permissions from unconfined domains.Stephen Smalley2014-02-111-0/+1
* Remove transition / dyntransition from unconfinedNick Kralevich2014-01-271-0/+8
* Allow kernel domain, not init domain, to set SELinux enforcing mode.Stephen Smalley2013-12-061-1/+1
* Revert "Allow kernel domain, not init domain, to set SELinux enforcing mode."Nick Kralevich2013-12-061-1/+0
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 07:32:57 +0000