| commit | f226b0c9456ac07309a378e03e86add0e3badfb0 | [log] [tgz] |
|---|---|---|
| author | dcashman <dcashman@google.com> | Thu Dec 10 13:26:42 2015 -0800 |
| committer | dcashman <dcashman@google.com> | Tue Jan 05 12:05:06 2016 -0800 |
| tree | e0596f2ce0bbf0309b9a5459d8ba1a3069ae79c6 | |
| parent | 549ccf77e3fd23bb6c690da7023441c1007c4fd8 [diff] |
Log app access to sysfs for removal. Bug: 22032619 Change-Id: Ic160e0beef353c6dc5fb5e2d6a09a5628f067fe3
diff --git a/app.te b/app.te index 48aebbf..7364d24 100644 --- a/app.te +++ b/app.te
@@ -219,6 +219,10 @@ selinux_check_access(appdomain) selinux_check_context(appdomain) +# appdomain should not be accessing information on /sys +auditallow appdomain sysfs:dir { open getattr read ioctl }; +auditallow appdomain sysfs:file r_file_perms; + ### ### Neverallow rules ###