Audit execution of app_data_file by untrusted_app. Test: Builds Bug: 126536482 Change-Id: I9fe7623353cbb980db3853a8979f03ba033c7f45

commit: 931623e5b97659bfd3b7cf70db47f40dc5f474fc [log] [tgz]
author: Alan Stokes <alanstokes@google.com> Wed Feb 27 18:07:09 2019 +0000
committer: Alan Stokes <alanstokes@google.com> Wed Feb 27 18:07:09 2019 +0000
tree: 65fb0b7a51296f396fbc254e83f968d6ab68ff03
parent: 4108c665a1dd91f742b75985ed25fdc2ac9d7332 [diff] [blame]
diff --git a/private/untrusted_app_all.te b/private/untrusted_app_all.te
index 24e42d3..eab10db 100644
--- a/private/untrusted_app_all.te
+++ b/private/untrusted_app_all.te

@@ -24,6 +24,7 @@
 # to their sandbox directory and then execute.
 allow untrusted_app_all privapp_data_file:file { r_file_perms execute };
 allow untrusted_app_all app_data_file:file     { r_file_perms execute };
+auditallow untrusted_app_all app_data_file:file execute;
 
 # Chrome Crashpad uses the the dynamic linker to load native executables
 # from an APK (b/112050209, crbug.com/928422)
commit	931623e5b97659bfd3b7cf70db47f40dc5f474fc	[log] [tgz]
author	Alan Stokes <alanstokes@google.com>	Wed Feb 27 18:07:09 2019 +0000
committer	Alan Stokes <alanstokes@google.com>	Wed Feb 27 18:07:09 2019 +0000
tree	65fb0b7a51296f396fbc254e83f968d6ab68ff03
parent	4108c665a1dd91f742b75985ed25fdc2ac9d7332 [diff] [blame]