DO NOT MERGE. Remove isolated_app's ability to read sysfs.
untrusted_app lost the ability to read files labeled as sysfs to prevent
information leakage, but this is trivially bypassable by spawning an
isolated app, since this was not taken away from isolated app.
Privileges should not be gained by launching an isolated app, and this
one directly defeats that hardening. Remove this access.
Bug: 28722489
Change-Id: I61d3678eca515351c9dbe4444ee39d0c89db7a3e
diff --git a/domain_deprecated.te b/domain_deprecated.te
index e5bfb1c..00fb516 100644
--- a/domain_deprecated.te
+++ b/domain_deprecated.te
@@ -54,7 +54,7 @@
# Read access to pseudo filesystems.
r_dir_file(domain_deprecated, proc)
-r_dir_file(domain_deprecated, sysfs)
+r_dir_file({ domain_deprecated -isolated_app }, sysfs)
r_dir_file(domain_deprecated, inotify)
r_dir_file(domain_deprecated, cgroup)
allow domain_deprecated proc_meminfo:file r_file_perms;
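Review bot: the exclusion in `r_dir_file({ domain_deprecated -isolated_app }, sysfs)` removes only the sysfs grant from this one rule; the proc, inotify, cgroup and proc_meminfo reads on the surrounding lines are still inherited by isolated_app through domain_deprecated, so the commit message's goal that launching an isolated app gains no privilege is met for sysfs only, and the message should say so. Consider pairing the change with a `neverallow isolated_app sysfs:file r_file_perms;` rule alongside the one that already restricts untrusted_app, so a later edit to domain_deprecated.te or another policy file cannot silently re-grant the access, and state in the commit message what the DO NOT MERGE marker is waiting on.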