Sepolicy: Fix comment on apexd:fd use
The file descriptors for /dev/zero are no longer open. However,
a descriptor to the shell is still inherited. Update the comment.
Bug: 126787589
Test: m
Test: manual
Change-Id: I0d4518d2ba771622ea969bbf02827db45788bc09
diff --git a/private/art_apex_postinstall.te b/private/art_apex_postinstall.te
index 575e0bf..576ed20 100644
--- a/private/art_apex_postinstall.te
+++ b/private/art_apex_postinstall.te
@@ -4,7 +4,7 @@
type art_apex_postinstall, domain, coredomain;
type art_apex_postinstall_exec, system_file_type, exec_type, file_type;
-# /dev/zero
+# /system/bin/sh (see b/126787589).
allow art_apex_postinstall apexd:fd use;
# Read temp dirs and files. Move directories.
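Review bot: The new comment above `allow art_apex_postinstall apexd:fd use;` names only `/system/bin/sh`; it does not say that the descriptor is inherited from apexd, or that the rule permits use of any fd apexd leaves open rather than just that one. Going by the commit message, a comment such as `# Inherited from apexd: open fd to /system/bin/sh (see b/126787589).` would tell a later policy auditor why the rule exists. If the bug tracks closing that descriptor in apexd, a second line `# Remove once apexd no longer passes it on.` would mark the rule as temporary. That second line is an inference from the word "still" in the description and should be confirmed against the bug. The same comment change in private/art_apex_preinstall.te has the same gap.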
diff --git a/private/art_apex_preinstall.te b/private/art_apex_preinstall.te
index e6a8475..12b1020 100644
--- a/private/art_apex_preinstall.te
+++ b/private/art_apex_preinstall.te
@@ -4,7 +4,7 @@
type art_apex_preinstall, domain, coredomain;
type art_apex_preinstall_exec, system_file_type, exec_type, file_type;
-# /dev/zero
+# /system/bin/sh (see b/126787589).
allow art_apex_preinstall apexd:fd use;
# Create temp dirs and files under /data/ota.