Merge "kernel: neverallow dac_{override,read_search} perms" am: eb036bd0ee am: 697ec733c9
am: 9df0fa86a9

Change-Id: If712c577c03066bb4bdc0c2a4a77e18ef1fbe1c2
diff --git a/public/kernel.te b/public/kernel.te
index c404fc0..d1463dc 100644
--- a/public/kernel.te
+++ b/public/kernel.te
@@ -90,3 +90,8 @@
 # - You are running an exploit which switched to the init task credentials
 #   and is then trying to exec a shell or other program.  You lose!
 neverallow kernel *:file { entrypoint execute_no_trans };
+
+# the kernel should not be accessing files owned by other users.
+# Instead of adding dac_{read_search,override}, fix the unix permissions
+# on files being accessed.
+neverallow kernel self:capability { dac_override dac_read_search };
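Review bot: The new neverallow on the last line of the hunk names only the `capability` class, so an allow rule granting the same two permissions to `kernel` through the user-namespace capability class would still pass the build-time check. If this policy tree declares `cap_userns` (its class definitions are not visible here), the rule could be widened to `neverallow kernel self:{ capability cap_userns } { dac_override dac_read_search };`. The comment above it could also say why the rule exists, for example `# dac_override and dac_read_search let the kernel domain bypass file mode/ownership checks, so a denial here means the file's unix permissions are wrong.`, so that whoever hits the neverallow knows what to fix.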