| Mugdha Lakhani | 2ae45c5 | 2023-04-28 09:22:15 +0000 | [diff] [blame] | 1 | ### |
| 2 | ### SDK Sandbox process. |
| 3 | ### |
| 4 | ### This file defines the security policy for the sdk sandbox processes |
| 5 | ### for targetSdkVersion=34. |
| 6 | type sdk_sandbox_34, domain, coredomain, sdk_sandbox_all; |
| 7 | |
| 8 | net_domain(sdk_sandbox_34) |
| 9 | app_domain(sdk_sandbox_34) |
| 10 | |
| 11 | # Allow finding services. This is different from ephemeral_app policy. |
| 12 | # Adding services manually to the allowlist is preferred hence app_api_service is not used. |
| 13 | allow sdk_sandbox_34 { |
| 14 | activity_service |
| 15 | activity_task_service |
| 16 | appops_service |
| 17 | audio_service |
| 18 | audioserver_service |
| 19 | batteryproperties_service |
| 20 | batterystats_service |
| 21 | cameraserver_service |
| 22 | connectivity_service |
| 23 | connmetrics_service |
| 24 | deviceidle_service |
| 25 | display_service |
| 26 | dropbox_service |
| 27 | ephemeral_app_api_service |
| 28 | font_service |
| 29 | game_service |
| 30 | gpu_service |
| 31 | graphicsstats_service |
| 32 | hardware_properties_service |
| 33 | hint_service |
| 34 | imms_service |
| 35 | input_method_service |
| 36 | input_service |
| 37 | IProxyService_service |
| 38 | ipsec_service |
| 39 | launcherapps_service |
| 40 | legacy_permission_service |
| 41 | light_service |
| 42 | locale_service |
| 43 | media_communication_service |
| 44 | mediadrmserver_service |
| 45 | mediaextractor_service |
| 46 | mediametrics_service |
| 47 | media_projection_service |
| 48 | media_router_service |
| 49 | mediaserver_service |
| 50 | media_session_service |
| 51 | memtrackproxy_service |
| 52 | midi_service |
| 53 | netpolicy_service |
| 54 | netstats_service |
| 55 | network_management_service |
| 56 | notification_service |
| 57 | package_service |
| 58 | permission_checker_service |
| 59 | permission_service |
| 60 | permissionmgr_service |
| 61 | platform_compat_service |
| 62 | power_service |
| 63 | procstats_service |
| 64 | radio_service |
| 65 | registry_service |
| 66 | restrictions_service |
| 67 | rttmanager_service |
| 68 | search_service |
| 69 | selection_toolbar_service |
| 70 | sensor_privacy_service |
| 71 | sensorservice_service |
| 72 | servicediscovery_service |
| 73 | settings_service |
| 74 | speech_recognition_service |
| 75 | statusbar_service |
| 76 | storagestats_service |
| 77 | surfaceflinger_service |
| 78 | telecom_service |
| 79 | tethering_service |
| 80 | textclassification_service |
| 81 | textservices_service |
| 82 | texttospeech_service |
| 83 | thermal_service |
| 84 | translation_service |
| 85 | tv_iapp_service |
| 86 | tv_input_service |
| 87 | uimode_service |
| 88 | vcn_management_service |
| 89 | webviewupdate_service |
| 90 | }:service_manager find; |
| 91 | |