Merge "android.mk: drop duplicate spaces"

commit: 1a6e29e251ead902509e4ff25fdfdcaf023d860e [log] [tgz]
author: Nick Kralevich <nnk@google.com> Thu Jul 16 19:31:38 2015 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Thu Jul 16 19:31:38 2015 +0000
tree: e50f6cd2eaa96dff2b8d5110536780f9ec2b9f3c
parent: 354710e44058e38abcf2dc0fd81e63153900da98 [diff]
parent: 85402534f353ecbe1b627e4178ab1a871b16cbd3 [diff]
diff --git a/app.te b/app.te
index 40de074..a78fad1 100644
--- a/app.te
+++ b/app.te

@@ -367,3 +367,14 @@
 # Ability to set system properties.
 neverallow { appdomain -system_app -radio -shell -bluetooth -nfc }
     property_type:property_service set;
+
+# prevent creation/manipulation of globally readable symlinks
+neverallow appdomain {
+  apk_data_file
+  cache_file
+  dev_type
+  rootfs
+  system_file
+  security_file
+  tmpfs
+}:lnk_file no_w_file_perms;
commit	1a6e29e251ead902509e4ff25fdfdcaf023d860e	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Thu Jul 16 19:31:38 2015 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Thu Jul 16 19:31:38 2015 +0000
tree	e50f6cd2eaa96dff2b8d5110536780f9ec2b9f3c
parent	354710e44058e38abcf2dc0fd81e63153900da98 [diff]
parent	85402534f353ecbe1b627e4178ab1a871b16cbd3 [diff]