Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 626f90c541add3560e5eb23cca6c2c9d6cebdcf4
commit626f90c541add3560e5eb23cca6c2c9d6cebdcf4[log] [tgz]
authorMax Bires <jbires@google.com>Fri Jan 20 14:26:05 2017 -0800
committerMax Bires <jbires@google.com>Mon Jan 23 15:48:53 2017 -0800
tree88b38e0a277747fbdf86ed24300ab2592f9086f1
parent952072b9da4997846e62317aad10dea24c6e515b [diff]
Adding a neverallow rule to prevent renaming of device and char files

This neverallow addition addresses the renaming of files in exploits in
order to bypass denied permissions. An example of a similar use case of
using mv to bypass permission denials appeared in a recent project zero
ChromeOS exploit as one of the steps in the exploit chain.
https://googleprojectzero.blogspot.com/2016/12/chrome-os-exploit-one-byte-overflow-and.html

Additionally, vold and init both had permission sets that allowed them
to rename, but neither of them seem to need it. Therefore the rename
permission has also been removed from these two .te files.

Test: The device boots successfully
Change-Id: I07bbb58f058bf050f269b083e836c2c9a5bbad80
3 files changed
tree: 88b38e0a277747fbdf86ed24300ab2592f9086f1
  1. private/
  2. public/
  3. reqd_mask/
  4. tools/
  5. Android.mk
  6. CleanSpec.mk
  7. MODULE_LICENSE_PUBLIC_DOMAIN
  8. NOTICE
  9. PREUPLOAD.cfg
  10. README