| commit | 1b2f74f2935a56c3e91c6653d0c1c23ebb9e112e | [log] [tgz] |
|---|---|---|
| author | Marko Man <darkobas@gmail.com> | Mon Oct 12 16:05:12 2020 +0200 |
| committer | micky387 <mickaelsaibi@free.fr> | Fri Sep 13 16:09:23 2024 -0400 |
| tree | 28a21a2c5dad9c412657c15ea5fed703ae8eb863 | |
| parent | ad1c4255c49d57fe885894a8b690c0dfd542100b [diff] [blame] |
sepolicy: allow update angine and syslog read Change-Id: Ib3db5b998bc62c8cda3a298e2d626bacfed37070 sepolicy: allow update angine and syslog read II Change-Id: Ia656b4767f41e4cbfc21a485f312810b45fc2d58 sepolicy: allow update angine and syslog read III Change-Id: Ic231ad9f99da96eee9083e4a500eda2c2c4dd655 sepolicy: allow update angine and syslog read IV Change-Id: I42d55d4adc022b8cc31ff2fb2d486b49829ceaa2 sepolicy: allow update angine and syslog read V For api 33 Change-Id: I2fe89e2955721e3d50b036c80db3b94d7627c887 sepolicy: policy for ota pt III Change-Id: Ifad8dabaea731ad4a68e57e8ea29008e5e4fe9e3 sepolocy: sync prebuilts/34.0 Change-Id: Iba65d47940b1056b2a61eade70802e6877996db5 sepolicy: add syslog_read perms for matlog [micky387] move to private/app.te for A15 Change-Id: Ie7d88e717fe233b3a241d580af85b01639123261 sepolicy: Sync to prebuilts/202404 Change-Id: I8ab8c413af887d2ddb9b0733dccff0ce17f5c2c4 sepolicy: Sync to prebuilts/202404 v2 Change-Id: I40b232478cf86ad45e41690af84d96b35dfb1d4b
diff --git a/private/app.te b/private/app.te index 30931e4..50a9d9a 100644 --- a/private/app.te +++ b/private/app.te
@@ -656,7 +656,8 @@ proc:dir_file_class_set write; # Access to syslog(2) or /proc/kmsg. -neverallow appdomain kernel:system { syslog_read syslog_mod syslog_console }; +neverallow { appdomain -system_app -shell -platform_app -priv_app } + kernel:system { syslog_read syslog_mod syslog_console }; # SELinux is not an API for apps to use neverallow { appdomain -shell } *:security { compute_av check_context };