Ensure that only desired processes can access TracingServiceProxy This change adds a neverallow rule in traced.te to limit the processes that can find tracingproxy_service, the context for TracingServiceProxy. I wanted to avoid moving the tracingproxy_service definition to public, so there were a few services that are exempted from this neverallow rule. Bug: 191391382 Test: Manually verified that with this change, along with the other change in this topic, I see no errors when taking a bugreport while a Traceur trace is running. Change-Id: I8658df0db92ae9cf4fefe2eebb4d6d9a5349ea89

commit: a60d7f28f2e6f482500bbe7e3b6863e44d663dd0 [log] [tgz]
author: Carmen Jackson <carmenjackson@google.com> Wed Jun 23 16:53:45 2021 -0700
committer: Carmen Jackson <carmenjackson@google.com> Thu Jun 24 08:24:20 2021 +0000
tree: c8d4a22a136cad83c9db73409fc307a5e3fd658d
parent: 635853a710b624fa99a257d371618741e4b96799 [diff] [blame]
diff --git a/private/incidentd.te b/private/incidentd.te
index ef191a2..e20e6ca 100644
--- a/private/incidentd.te
+++ b/private/incidentd.te

@@ -161,6 +161,7 @@
   system_server_service
   app_api_service
   system_api_service
+  -tracingproxy_service
 }:service_manager find;
 
 # Only incidentd can publish the binder service
commit	a60d7f28f2e6f482500bbe7e3b6863e44d663dd0	[log] [tgz]
author	Carmen Jackson <carmenjackson@google.com>	Wed Jun 23 16:53:45 2021 -0700
committer	Carmen Jackson <carmenjackson@google.com>	Thu Jun 24 08:24:20 2021 +0000
tree	c8d4a22a136cad83c9db73409fc307a5e3fd658d
parent	635853a710b624fa99a257d371618741e4b96799 [diff] [blame]