diff options
author | Jeff Vander Stoep <jeffv@google.com> | 2017-07-28 00:32:14 +0000 |
---|---|---|
committer | android-build-merger <android-build-merger@google.com> | 2017-07-28 00:32:14 +0000 |
commit | a1d1d0b81292ae6a5beea413a5da20fbb63088a1 (patch) | |
tree | e2b72f9ab2abfbc40c7ad6e613d01806e06443a3 | |
parent | 064636a211c1e76af9e58d6b1ace41ccf33e712e (diff) | |
parent | b30538b481ccc347411218ca7506198e55cb2ce7 (diff) | |
download | angler-a1d1d0b81292ae6a5beea413a5da20fbb63088a1.tar.gz |
Move sysfs access from domain_deprecated to platform_app am: 88941f26db am: 8883eb8722
am: b30538b481
Change-Id: I31491ba663de3bd6bbb7aa896d6f9efd4841f19d
-rw-r--r-- | sepolicy/platform_app.te | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te index 1bb447c..c9a4781 100644 --- a/sepolicy/platform_app.te +++ b/sepolicy/platform_app.te @@ -6,3 +6,9 @@ userdebug_or_eng(` ') allow platform_app oem_qmi_server:unix_stream_socket connectto; + +# TODO scope this down. Granting these here is not granting new permissions, +# just moving existing permissions from domain_deprecated to platform_app as +# part of b/28760354 in order to deprivilege other processes which do not need +# access. +r_dir_file(platform_app, sysfs) |