aboutsummaryrefslogtreecommitdiffstats
path: root/untrusted_app.te
Commit message (Expand)AuthorAgeFilesLines
* appdomain: relax netlink_socket neverallow ruleNick Kralevich2015-01-291-1/+4
* sepolicy: allow system apps to access ASECPawit Pornkitprasan2014-12-121-1/+0
* allow untrusted_app read /data/anr/traces.txtNick Kralevich2014-12-031-0/+8
* relax neverallow rules on NETLINK_KOBJECT_UEVENT socketsNick Kralevich2014-09-221-0/+3
* DO NOT MERGE. Allow untrusted_app access to temporary apk files.dcashman2014-08-071-0/+4
* DO NOT MERGE: Remove service_manager audit_allows.Riley Spahn2014-07-181-13/+0
* Further refined service_manager auditallow statements.Riley Spahn2014-07-181-0/+1
* Remove radio_service from untrusted_app auditallow.Riley Spahn2014-07-151-0/+1
* Add access control for each service_manager action.Riley Spahn2014-07-151-0/+11
* Don't use don'tNick Kralevich2014-07-091-1/+1
* ensure that untrusted_app can't set propertiesNick Kralevich2014-07-091-0/+6
* Add neverallow rules further restricing service_manager.Riley Spahn2014-07-071-0/+5
* add execmod to various app domainsNick Kralevich2014-06-021-2/+2
* untrusted_app: neverallow debugfsNick Kralevich2014-05-131-0/+8
* Make the untrusted_app domain enforcing.Stephen Smalley2014-05-011-1/+0
* Coalesce shared_app, media_app, release_app into untrusted_app.Stephen Smalley2014-04-041-1/+17
* Clean up, unify, and deduplicate app domain rules.Stephen Smalley2014-03-071-8/+0
* Remove redundant socket rules.Stephen Smalley2014-02-241-7/+0
* Clarify meaning of untrusted_app and app domain assignment logic.Stephen Smalley2014-02-211-3/+14
* Introduce asec_public_file type.Robert Craig2014-02-111-0/+2
* Support forcing permissive domains to unconfined.Nick Kralevich2014-01-111-1/+1
* Allow untrusted apps to execute binaries from their sandbox directories.Stephen Smalley2013-12-111-0/+4
* Isolate untrusted app ptys from other domains.Stephen Smalley2013-09-271-1/+1
* Revert "Add the ability to write shell files to the untrusted_app domain."Nick Kralevich2013-09-041-4/+1
* Add the ability to write shell files to the untrusted_app domain.Geremy Condra2013-08-161-1/+4
* Permit apps to bind TCP/UDP sockets to a hostnameAlex Klyubin2013-07-161-0/+3
* Move isolated_app.te / untrusted_app.te into permissiveNick Kralevich2013-07-161-0/+1
* Allow apps to create listening portsNick Kralevich2013-07-161-2/+2
* Temporarily allow untrusted apps to read shell data files.Nick Kralevich2013-07-151-0/+7
* untrusted_app.te / isolated_app.te / app.te first passNick Kralevich2013-07-131-2/+22
* Move *_app into their own fileNick Kralevich2013-07-121-0/+17
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-10 06:49:30 +0000