Revert "Allow MediaProvider to host FUSE devices."
This reverts commit b56cc6fb1f8c56e5349661eafe77f43d01842fc7.
Reason for revert: Not necessary
Change-Id: I99d7df2435294e78b753149e20377e78c1c60d36
diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index d496e90..be0a598 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -137,8 +137,8 @@
')
}:dir_file_class_set { create unlink };
-# No untrusted component except mediaprovider should be touching /dev/fuse
-neverallow { all_untrusted_apps -mediaprovider } fuse_device:chr_file *;
+# No untrusted component should be touching /dev/fuse
+neverallow all_untrusted_apps fuse_device:chr_file *;
# Do not allow untrusted apps to directly open the tun_device
neverallow all_untrusted_apps tun_device:chr_file open;
diff --git a/private/mediaprovider.te b/private/mediaprovider.te
index 6926412..30d3fe0 100644
--- a/private/mediaprovider.te
+++ b/private/mediaprovider.te
@@ -34,9 +34,6 @@
# MtpServer uses /dev/mtp_usb
allow mediaprovider mtp_device:chr_file rw_file_perms;
-# Fuse daemon
-allow mediaprovider fuse_device:chr_file { read write ioctl getattr };
-
# MtpServer uses /dev/usb-ffs/mtp
allow mediaprovider functionfs:dir search;
allow mediaprovider functionfs:file rw_file_perms;