Adding ability for priv apps to read traceur fd
Only untrusted apps had privilegs to read file descriptors passed in
from traceur, which was an oversight. This fixes the policy so that priv
apps can also access file descriptors from traceur in order to read
reports shared from traceur.
Bug: 74435522
Test: better bug has access to reports shared from traceur
Change-Id: I591872cdac31eec62edbc81d95f1220f1152427f
diff --git a/private/priv_app.te b/private/priv_app.te
index 565aa4a..80425dd 100644
--- a/private/priv_app.te
+++ b/private/priv_app.te
@@ -58,6 +58,9 @@
allow priv_app shell_data_file:file r_file_perms;
allow priv_app shell_data_file:dir r_dir_perms;
+# Allow traceur to pass file descriptors through a content provider to betterbug
+allow priv_app trace_data_file:file { getattr read };
+
# Allow verifier to access staged apks.
allow priv_app { apk_tmp_file apk_private_tmp_file }:dir r_dir_perms;
allow priv_app { apk_tmp_file apk_private_tmp_file }:file r_file_perms;
@@ -191,3 +194,8 @@
# bugs, so we want to ensure priv_app never has this
# capability.
neverallow priv_app file_type:file link;
+
+# priv apps should not be able to open trace data files, they should depend
+# upon traceur to pass a file descriptor which they can then read
+neverallow priv_app trace_data_file:dir *;
+neverallow priv_app trace_data_file:file { no_w_file_perms open };