Restrict system server from reading statsd data Bug: 267367423 Test: m -j Change-Id: I0628142c2380cf568643f864ae211fbf5380550c

commit: fcf5a91e00a68b16e6c3bcca0c4fad262b8dde5f [log] [tgz]
author: Jeffrey Huang <jeffreyhuang@google.com> Thu Feb 02 11:57:18 2023 -0800
committer: Jeffrey Huang <jeffreyhuang@google.com> Mon Feb 06 18:29:21 2023 -0800
tree: 5f9c3970b604d553bfa9af39c2ef3c29778783a4
parent: dd32f3bfbc27b81e80460cb55f7d5302a4ba7771 [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index aedebaf..7a91557 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -221,9 +221,9 @@
 # Write to /proc/sysrq-trigger.
 allow system_server proc_sysrq:file rw_file_perms;
 
-# Delete /data/misc/stats-data/ and /data/misc/stats-service/ directories.
-allow system_server stats_data_file:dir { open read remove_name search write };
-allow system_server stats_data_file:file unlink;
+# Delete /data/misc/stats-service/ directories.
+allow system_server stats_config_data_file:dir { open read remove_name search write };
+allow system_server stats_config_data_file:file unlink;
 
 # Read metric file & upload to statsd
 allow system_server odsign_data_file:dir search;
commit	fcf5a91e00a68b16e6c3bcca0c4fad262b8dde5f	[log] [tgz]
author	Jeffrey Huang <jeffreyhuang@google.com>	Thu Feb 02 11:57:18 2023 -0800
committer	Jeffrey Huang <jeffreyhuang@google.com>	Mon Feb 06 18:29:21 2023 -0800
tree	5f9c3970b604d553bfa9af39c2ef3c29778783a4
parent	dd32f3bfbc27b81e80460cb55f7d5302a4ba7771 [diff] [blame]