diff options
author | Jorge E. Moreira <jemoreira@google.com> | 2017-11-28 11:11:36 -0800 |
---|---|---|
committer | Greg Hartman <ghartman@google.com> | 2018-01-11 18:10:20 -0800 |
commit | 6ecd87ff087c29802dabe67706a86060f34d462c (patch) | |
tree | 45dda832b3f1793a5a6f38f4345e2802440d1d86 | |
parent | 98440922db8c08ab17fad042bc1a025d3c7e1e55 (diff) | |
download | cuttlefish-6ecd87ff087c29802dabe67706a86060f34d462c.tar.gz |
Removes vnc server permissions to open /dev/uinput
The vnc server no longer configures its own input devices, but rather
uses the vsoc input service, so it no longer needs to access uinput.
Test: run locally
Change-Id: Ia25950458e0beff03d65176c578ec8b1e665a24f
(cherry picked from commit 7f4d41b923509e5df4a1193d1deae1fea98b9ce3)
-rw-r--r-- | shared/sepolicy/vnc_server.te | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/shared/sepolicy/vnc_server.te b/shared/sepolicy/vnc_server.te index d7f436f56..613e46f43 100644 --- a/shared/sepolicy/vnc_server.te +++ b/shared/sepolicy/vnc_server.te @@ -10,9 +10,6 @@ allow vnc_server self:capability net_raw; # Read GCE initial metadata file allow vnc_server initial_metadata_file:file r_file_perms; -# I/O with /dev/uinput -allow vnc_server uhid_device:chr_file rw_file_perms; - # Framebuffer I/O allow vnc_server fb_ctl_file:file rw_file_perms; allow vnc_server userspace_fb_file:file rw_file_perms; |