priv_app: Remove permission to read from /data/anr/traces.txt
We added an auditallow for this permission on 12/17/2019, and have not
seen any recent logs for this in go/sedenials. No other priv-app should
rely on this now that gmscore is running in its own domain.
Bug: 147833123
Test: TH
Change-Id: I96f810a55e0eb8f3778aea9598f6437de0f65c7f
diff --git a/private/priv_app.te b/private/priv_app.te
index 161b245..957ddb8 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -81,13 +81,6 @@
allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms;
allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms;
-# b/18504118: Allow reads from /data/anr/traces.txt
-allow priv_app anr_data_file:file r_file_perms;
-# b/142672293: No other priv-app should need this allow rule now that GMS core runs in its own domain.
-userdebug_or_eng(`
- auditallow priv_app anr_data_file:file r_file_perms;
-')
-
# For AppFuse.
allow priv_app vold:fd use;
allow priv_app fuse_device:chr_file { read write };