| commit | 685ef6b8216f94e7e2a2bac4ee04aaada5db4a81 | [log] [tgz] |
|---|---|---|
| author | Treehugger Robot <treehugger-gerrit@google.com> | Thu Dec 01 17:29:33 2016 +0000 |
| committer | Gerrit Code Review <noreply-gerritcodereview@google.com> | Thu Dec 01 17:29:34 2016 +0000 |
| tree | dacd1b54ac8b95b68ae1b75a5f32b1e4c395440c | |
| parent | dd649da84b5bb9e54a180d45c4c5b754750bd779 [diff] | |
| parent | 314d8c5801a47523f18eb703205183f8fdd0068b [diff] |
Merge "Added an auditallow rule to track vold remounting filesystems."
diff --git a/public/vold.te b/public/vold.te index 3ebb1d2..fe3ab71 100644 --- a/public/vold.te +++ b/public/vold.te
@@ -94,6 +94,9 @@ # Unmount and mount the fs. allow vold labeledfs:filesystem { mount unmount remount }; +# audit any attempts of vold to remount a filesystem, monitor in a few weeks +# then remove +auditallow vold labeledfs:filesystem { remount }; # Access /efs/userdata_footer. # XXX Split into a separate type?