62d3b4f103e30b4d0795a8d6438d5a3060b536b1 - android_system_sepolicy

commit	62d3b4f103e30b4d0795a8d6438d5a3060b536b1	[log] [tgz]
author	Nick Kralevich <nnk@google.com>	Mon Oct 09 15:10:30 2017 -0700
committer	Nick Kralevich <nnk@google.com>	Tue Oct 10 10:31:33 2017 -0700
tree	ffad7274c35e86409e77943863ffa6e5f3db2432
parent	f3f194c09a7caf493bb43ac244e62658d19fbc47 [diff]

Ensure /sys restrictions for isolated_apps

isolated_apps are intended to be strictly limited in the /sys files
which can be read. Add a neverallow assertion to guarantee this on all
Android compatible devices.

Test: policy compiles.
Change-Id: I2980291dcf4e74bb12c81199d61c5eb8a182036c

private/isolated_app.te[diff]

1 file changed

tree: ffad7274c35e86409e77943863ffa6e5f3db2432

prebuilts/
private/
public/
reqd_mask/
tests/
tools/
vendor/
Android.bp
Android.mk
CleanSpec.mk
definitions.mk
MODULE_LICENSE_PUBLIC_DOMAIN
NOTICE
OWNERS
PREUPLOAD.cfg
README