Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 75f34dc392b6d13818565fddd6da0111a4edefe5
commit75f34dc392b6d13818565fddd6da0111a4edefe5[log] [tgz]
authorNick Kralevich <nnk@google.com>Thu Mar 05 12:10:30 2015 -0800
committerNick Kralevich <nnk@google.com>Thu Mar 05 12:12:00 2015 -0800
treecbedbeb6aefea85fad75553859a6d7bde8a5c07d
parent723e31efe568bf3372205cb539436fb1ecef4e3f [diff]
update isolated_app service_manager rules

isolated apps should only be able to access 2 services.
Remove access permissions for services inappropriately added,
and add a neverallow rule to prevent regressions.

Change-Id: I2783465c4a22507849b2a64894fb76690a27bc01
2 files changed
tree: cbedbeb6aefea85fad75553859a6d7bde8a5c07d
  1. tools/
  2. access_vectors
  3. adbd.te
  4. Android.mk
  5. app.te
  6. attributes
  7. binderservicedomain.te
  8. bluetooth.te
  9. bootanim.te
  10. clatd.te
  11. debuggerd.te
  12. device.te
  13. dex2oat.te
  14. dhcp.te
  15. dnsmasq.te
  16. domain.te
  17. drmserver.te
  18. dumpstate.te
  19. file.te
  20. file_contexts
  21. fs_use
  22. fsck.te
  23. genfs_contexts
  24. global_macros
  25. gpsd.te
  26. hci_attach.te
  27. healthd.te
  28. hostapd.te
  29. init.te
  30. initial_sid_contexts
  31. initial_sids
  32. inputflinger.te
  33. install_recovery.te
  34. installd.te
  35. isolated_app.te
  36. kernel.te
  37. keys.conf
  38. keystore.te
  39. lmkd.te
  40. logd.te
  41. mac_permissions.xml
  42. mdnsd.te
  43. mediaserver.te
  44. mls
  45. mls_macros
  46. mtp.te
  47. net.te
  48. netd.te
  49. neverallow_macros
  50. nfc.te
  51. NOTICE
  52. platform_app.te
  53. policy_capabilities
  54. port_contexts
  55. ppp.te
  56. property.te
  57. property_contexts
  58. racoon.te
  59. radio.te
  60. README
  61. recovery.te
  62. rild.te
  63. roles
  64. runas.te
  65. sdcardd.te
  66. seapp_contexts
  67. security_classes
  68. service.te
  69. service_contexts
  70. servicemanager.te
  71. shared_relro.te
  72. shell.te
  73. slideshow.te
  74. su.te
  75. surfaceflinger.te
  76. system_app.te
  77. system_server.te
  78. te_macros
  79. tee.te
  80. toolbox.te
  81. ueventd.te
  82. uncrypt.te
  83. untrusted_app.te
  84. users
  85. vdc.te
  86. vold.te
  87. watchdogd.te
  88. wpa.te
  89. zygote.te