| commit | 2da651b0d584f495158fae58a652f9d321d98924 | [log] [tgz] |
|---|---|---|
| author | Tri Vo <trong@google.com> | Tue Nov 06 16:27:55 2018 +0000 |
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | Tue Nov 06 16:27:55 2018 +0000 |
| tree | a3d0e5919b979e3e9a8172159acf3c3b69f9c6bf | |
| parent | c7eb1cd5f3c84e83621f2bef9e671c9757139600 [diff] | |
| parent | 9410105cc7b9f3b57c0186e2f0e1218e7416759c [diff] |
Merge "Neverallow vendor access to system_file."
diff --git a/public/clatd.te b/public/clatd.te index 5c9d724..7d3d40e 100644 --- a/public/clatd.te +++ b/public/clatd.te
@@ -34,3 +34,4 @@ allow clatd self:netlink_route_socket nlmsg_write; allow clatd self:{ packet_socket rawip_socket tun_socket } create_socket_perms_no_ioctl; allow clatd tun_device:chr_file rw_file_perms; +allowxperm clatd tun_device:chr_file ioctl { TUNGETIFF TUNSETIFF };