Merge "init: drop /dev/keychord access"

commit: b54e2b7bb3469c4bbae939bddb52c09758332fb8 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Wed Aug 29 14:40:32 2018 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Aug 29 14:40:32 2018 +0000
tree: 57f2ea4a545f402c03e2855cc09cf491911afa6a
parent: efb6667a2c8a7b8e521396abe5dcc062599fb554 [diff]
parent: 0722b5aab6c54bdb3e481048ab2bd8c47679b7a1 [diff]
diff --git a/public/shell.te b/public/shell.te
index 6c93703..9569d97 100644
--- a/public/shell.te
+++ b/public/shell.te

@@ -47,11 +47,7 @@
 allow shell console_device:chr_file rw_file_perms;
 
 allow shell input_device:dir r_dir_perms;
-allow shell input_device:chr_file rw_file_perms;
-# b/30861057: TODO: No shell write access to existing input devices
-userdebug_or_eng(`
-  auditallow shell input_device:chr_file write;
-')
+allow shell input_device:chr_file r_file_perms;
 
 r_dir_file(shell, system_file)
 allow shell system_file:file x_file_perms;
@@ -238,3 +234,12 @@
 
 # Limit shell to only getattr on blk devices for host side tests.
 neverallow shell dev_type:blk_file ~getattr;
+
+# b/30861057: Shell access to existing input devices is an abuse
+# vector. The shell user can inject events that look like they
+# originate from the touchscreen etc.
+# Everyone should have already moved to UiAutomation#injectInputEvent
+# if they are running instrumentation tests (i.e. CTS), Monkey for
+# their stress tests, and the input command (adb shell input ...) for
+# injecting swipes and things.
+neverallow shell input_device:chr_file no_w_file_perms;
commit	b54e2b7bb3469c4bbae939bddb52c09758332fb8	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Wed Aug 29 14:40:32 2018 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Aug 29 14:40:32 2018 +0000
tree	57f2ea4a545f402c03e2855cc09cf491911afa6a
parent	efb6667a2c8a7b8e521396abe5dcc062599fb554 [diff]
parent	0722b5aab6c54bdb3e481048ab2bd8c47679b7a1 [diff]