Restrict system_server_startup domain
This seems like an oversight when system_server_startup was
introduced (commit caf42d615dc9488d8e3601d3277167d61475a61a).
Test: Presubmits
Change-Id: Ia371caa8dfc2c250d6ca6f571cf002e25703e793
diff --git a/private/seapp_contexts b/private/seapp_contexts
index c7daf6b..d47134b 100644
--- a/private/seapp_contexts
+++ b/private/seapp_contexts
@@ -99,9 +99,11 @@
# inputs are matched on a key value rule line.
#
-# only the system server can be in system_server domain
+# only the system server can be assigned the system_server domains
neverallow isSystemServer=false domain=system_server
+neverallow isSystemServer=false domain=system_server_startup
neverallow isSystemServer="" domain=system_server
+neverallow isSystemServer="" domain=system_server_startup
# system domains should never be assigned outside of system uid
neverallow user=((?!system).)* domain=system_app
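Review bot: The reworded comment above the four rules says "the system_server domains" without naming them, so a later reader has to infer from the rules that system_server_startup is the second domain; `# only the system server can be assigned system_server or system_server_startup` would say it directly. The two added lines mirror the existing `isSystemServer=false` and `isSystemServer=""` pair, so the new domain gets the same coverage as system_server. As far as I know, these neverallow lines are assertions checked against seapp_contexts entries when the policy is built, not enforced at runtime, so "Test: Presubmits" shows only that no current entry violates them. A local build with a temporary entry that assigns system_server_startup without isSystemServer=true, expected to fail, would confirm the new rules are evaluated.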