Neverallow vendor access to system_file. Bug: 111243627 Test: m selinux_policy Change-Id: I37d03906b93c8810f1d33af736f19fd6ab241c35

commit: 9410105cc7b9f3b57c0186e2f0e1218e7416759c [log] [tgz]
author: Tri Vo <trong@google.com> Mon Oct 22 14:43:03 2018 -0700
committer: Tri Vo <trong@google.com> Mon Nov 05 17:21:44 2018 +0000
tree: e2fea1e30582f434de19d53987b3ede3e1fb7979
parent: 41ab29eeb3b3f680bc9f019034d7c6e31aab1455 [diff]
diff --git a/public/domain.te b/public/domain.te
index 0244b7a..b17893b 100644
--- a/public/domain.te
+++ b/public/domain.te

@@ -1063,7 +1063,6 @@
         -vendor_init
     } {
         system_file_type
-        -system_file # TODO(b/111243627): remove once Treble violations are fixed.
         -system_lib_file
         -system_linker_exec
         -crash_dump_exec
@@ -1141,7 +1140,6 @@
     -vendor_init
   } {
     system_file_type
-    -system_file # TODO(b/111243627): remove once Treble violations are fixed.
     -crash_dump_exec
     -file_contexts_file
     -netutils_wrapper_exec
commit	9410105cc7b9f3b57c0186e2f0e1218e7416759c	[log] [tgz]
author	Tri Vo <trong@google.com>	Mon Oct 22 14:43:03 2018 -0700
committer	Tri Vo <trong@google.com>	Mon Nov 05 17:21:44 2018 +0000
tree	e2fea1e30582f434de19d53987b3ede3e1fb7979
parent	41ab29eeb3b3f680bc9f019034d7c6e31aab1455 [diff]