diff options
author | Jeff Vander Stoep <jeffv@google.com> | 2017-07-28 00:26:44 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-07-28 00:26:44 +0000 |
commit | 8883eb87226929b9922736cc2720de99f7356947 (patch) | |
tree | 5c87302f6513d7fbadeb8f0be697eaef6396fd55 | |
parent | 7e8dafaad387358b0a8f56ec48b45c858851a1d2 (diff) | |
parent | 88941f26dbbf44d0930fd9fde0d6ceb2798fc47c (diff) | |
download | angler-8883eb87226929b9922736cc2720de99f7356947.tar.gz |
Move sysfs access from domain_deprecated to platform_app
am: 88941f26db
Change-Id: I9900b87f87c61ff8646e8b1efcf490173ce7a5f9
-rw-r--r-- | sepolicy/platform_app.te | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te index 1bb447c..c9a4781 100644 --- a/sepolicy/platform_app.te +++ b/sepolicy/platform_app.te @@ -6,3 +6,9 @@ userdebug_or_eng(` ') allow platform_app oem_qmi_server:unix_stream_socket connectto; + +# TODO scope this down. Granting these here is not granting new permissions, +# just moving existing permissions from domain_deprecated to platform_app as +# part of b/28760354 in order to deprivilege other processes which do not need +# access. +r_dir_file(platform_app, sysfs) |