webview_zygote: allow listing dirs in /system For consistency with zygote, allow webview_zygote to list directories in /system. Test: Boot Taimen. Verify webiew_zygote denials during boot. Bug: 70857705 Change-Id: I27eb18c377a5240d7430abf301c1c3af61704d59

commit: 3588ddd06d0a7514b43ac52d2ab85761454ee5aa [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Tue Jan 02 13:15:16 2018 -0800
committer: Jeff Vander Stoep <jeffv@google.com> Tue Jan 02 13:15:16 2018 -0800
tree: fe942250bebbab41950aa94c2046e088294aa9b1
parent: ff3b957e6373f06d038599ae5afc0ad9b4337bce [diff]
diff --git a/private/webview_zygote.te b/private/webview_zygote.te
index f85d40c..7a11275 100644
--- a/private/webview_zygote.te
+++ b/private/webview_zygote.te

@@ -54,6 +54,9 @@
 # Check SELinux permissions.
 selinux_check_access(webview_zygote)
 
+# Directory listing in /system.
+allow zygote system_file:dir r_dir_perms;
+
 #####
 ##### Neverallow
 #####
commit	3588ddd06d0a7514b43ac52d2ab85761454ee5aa	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Tue Jan 02 13:15:16 2018 -0800
committer	Jeff Vander Stoep <jeffv@google.com>	Tue Jan 02 13:15:16 2018 -0800
tree	fe942250bebbab41950aa94c2046e088294aa9b1
parent	ff3b957e6373f06d038599ae5afc0ad9b4337bce [diff]