audit untrusted_app access to mtp_device am: 7b8f9f153e am: 775dda1fb3 * commit '775dda1fb3641e3ea2be4124a9a77cb236648d6f': audit untrusted_app access to mtp_device

commit: ad32785689beec1939f215e1947bac0ee12b099d [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Fri Oct 23 18:12:32 2015 +0000
committer: android-build-merger <android-build-merger@google.com> Fri Oct 23 18:12:32 2015 +0000
tree: 41776d33825d14cc01bcbf9da89920f65f0c801c
parent: 4b1c3de99ae22ce98da97266bc1903f71e285571 [diff]
parent: 775dda1fb3641e3ea2be4124a9a77cb236648d6f [diff]
diff --git a/untrusted_app.te b/untrusted_app.te
index e41616a..7422fb2 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te

@@ -60,7 +60,11 @@
 #
 
 # Access /dev/mtp_usb.
+# TODO android.process.media moved to priv_app domain. Does
+# untrusted_app still require these permissions? Can "open"
+# be removed?
 allow untrusted_app mtp_device:chr_file rw_file_perms;
+auditallow untrusted_app mtp_device:chr_file rw_file_perms;
 
 # Access to /data/media.
 allow untrusted_app media_rw_data_file:dir create_dir_perms;
commit	ad32785689beec1939f215e1947bac0ee12b099d	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Fri Oct 23 18:12:32 2015 +0000
committer	android-build-merger <android-build-merger@google.com>	Fri Oct 23 18:12:32 2015 +0000
tree	41776d33825d14cc01bcbf9da89920f65f0c801c
parent	4b1c3de99ae22ce98da97266bc1903f71e285571 [diff]
parent	775dda1fb3641e3ea2be4124a9a77cb236648d6f [diff]