commit ecb00a109c7dcf4c29c93b2ac64db3585d303f3f
author Jeff Vander Stoep <jeffv@google.com> Tue Jan 08 10:22:01 2019 -0800
committer Jeffrey Vander Stoep <jeffv@google.com> Tue Jan 08 18:44:29 2019 +0000
tree ba4ab7b3eb357339a1b80284edaf1e22293e4271
parent edbe51215eb01cfbb2fe609b71b8e0b07e156244

audit use of net.dns. property

Bug: 33308258
Test: atest CtsSelinuxTargetSdk25TestCases
Change-Id: Ifeceecec7b2f38ebd38b6693712b8f65ee24dc5d

private/untrusted_app_25.te

diff --git a/private/untrusted_app_25.te b/private/untrusted_app_25.te
index 6f92ef5..7bf5f99 100644
--- a/private/untrusted_app_25.te
+++ b/private/untrusted_app_25.te
@@ -26,9 +26,10 @@
 net_domain(untrusted_app_25)
 bluetooth_domain(untrusted_app_25)
 
-# b/34115651 - net.dns* properties read
+# b/34115651, b/33308258 - net.dns* properties read
 # This will go away in a future Android release
 get_prop(untrusted_app_25, net_dns_prop)
+auditallow untrusted_app_25 net_dns_prop:file read;
 
 # b/35917228 - /proc/misc access
 # This will go away in a future Android release