commit 9a123be4347d47fb77c1963554a4df513e3246d1
author Jooyung Han <jooyung@google.com> Fri Feb 16 11:06:40 2024 +0000
committer Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Feb 16 11:06:40 2024 +0000
tree 43dcd9fba9342e7d301e6d454631305a4fa3a5b7
parent f77cf6780c9f3bd12ce744dd5a7be635b17436bc

Revert^2 "Relax neverallows for vendor to use /system/bin/sh"

This reverts commit f77cf6780c9f3bd12ce744dd5a7be635b17436bc.

Reason for revert: sepolicy change is still necessary. (won't break things)

Change-Id: If47218b39ac34c21f3e09d29a5e713b240c4f0a6

public/hal_neverallows.te

diff --git a/public/hal_neverallows.te b/public/hal_neverallows.te
index 621a0b8..6730c32 100644
--- a/public/hal_neverallows.te
+++ b/public/hal_neverallows.te
@@ -85,7 +85,13 @@
   halserverdomain
   -hal_dumpstate_server
   -hal_telephony_server
-} { file_type fs_type }:file execute_no_trans;
+} {
+  file_type
+  fs_type
+  # May invoke shell commands via /system/bin/sh
+  -shell_exec
+  -toolbox_exec
+}:file execute_no_trans;
 # Do not allow a process other than init to transition into a HAL domain.
 neverallow { domain -init } halserverdomain:process transition;
 # Only allow transitioning to a domain by running its executable. Do not